!10 fix desktop entry config for nixos

Merge pull request !10 from SunnyPai/master
fix desktop entry config for nixos
2026-06-22 06:03:55 +08:00 · 2026-06-18 03:13:30 +00:00 · 2026-06-16 13:44:40 +08:00 · 2026-06-07 21:27:49 +08:00 · 2026-06-07 21:03:49 +08:00 · 2026-06-07 20:32:46 +08:00
94 changed files with 8434 additions and 20 deletions
@@ -0,0 +1,90 @@
+name: "📢 常规反馈与问题报告"
+description: "报告一个 Bug，提出新功能建议，或咨询使用问题。对于安全问题，请使用专门的安全漏洞报告模板。"
+title: "请简要描述反馈内容..."
+labels: ["needs-triage"] # 会自动添加此标签，便于筛选
+body:
+  - type: markdown
+    attributes:
+      value: |
+        感谢您花时间提交反馈！为了帮助我们更有效地理解和解决问题，请尽可能详细地填写以下信息。
+
+  - type: dropdown
+    id: feedback-type
+    attributes:
+      label: "反馈类型"
+      description: "请选择最符合您需求的类别。"
+      options:
+        - "🐛 Bug 报告"
+        - "💡 功能请求 / 建议"
+        - "📚 文档改进"
+        - "❓ 使用求助"
+        - "其他"
+      default: 0
+    validations:
+      required: true
+
+  - type: input
+    id: apm-version
+    attributes:
+      label: "APM 容器版本 / 镜像 Tag"
+      description: "您使用的是哪个版本？（例如：v1.2.0, latest, 或提交哈希）"
+      placeholder: "v1.2.0"
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: "问题描述或建议"
+      description: "清晰而详细地描述您遇到的问题，或者您希望的新功能是什么。"
+      placeholder: |
+        **对于 Bug：**
+        - 发生了什么？
+        - 您期望的行为是什么？
+        - 实际发生了什么？
+
+        **对于功能请求：**
+        - 您希望实现什么功能？
+        - 这个功能解决了什么痛点？
+        - 是否有其他类似的解决方案可供参考？
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: "复现步骤 / 具体场景"
+      description: "如果是 Bug，请提供详细的复现步骤。如果是功能请求，请描述您的使用场景。"
+      placeholder: |
+        复现步骤：
+        1. 使用配置 '...'
+        2. 运行命令 '....'
+        3. 看到错误 '....'
+
+        或
+
+        使用场景：
+        当我在 [某个特定情况] 下，需要实现 [某个目标]，但目前无法做到，因为...
+      validations:
+        required: false
+
+  - type: textarea
+    id: environment
+    attributes:
+      label: "环境信息"
+      description: "请提供您的运行环境细节。"
+      placeholder: |
+        - 操作系统： （例如： Ubuntu 20.04, macOS Monterey）
+        - Docker 版本： （请输入 `docker version` 的输出）
+        - Kubernetes 版本（如果适用）：
+        - 其他相关配置：
+      validations:
+        required: false
+
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: "补充信息"
+      description: "请添加任何其他有助于解决问题的信息，如日志片段、截图、核心配置文件（请脱敏）等。"
+      validations:
+        required: false
@@ -0,0 +1,76 @@
+name: "🛡️ 安全漏洞报告"
+description: "报告 APM 容器项目中可能存在的安全漏洞。请勿公开披露细节。"
+title: "[安全]: "
+labels: ["security", "needs-triage"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        **感谢您对 APM 容器项目安全的关注！**
+
+        为了保护我们的用户，我们非常重视负责任的漏洞披露。
+        **请勿在此表格中描述具体的漏洞细节。** 此 Issue 将作为跟踪入口，后续的敏感信息沟通将通过私有渠道进行。
+
+        ---
+
+        **重要提示：**
+        *   我们承诺遵循负责任的披露原则。
+        *   在修复之前公开漏洞细节可能会对其他用户造成风险。
+        *   我们的安全团队将在收到报告后尽快与您联系。
+
+  - type: input
+    id: contact
+    attributes:
+      label: "联系方式"
+      description: "请提供您的可靠联系方式（例如：电子邮件、Gitee ID 或 GitHub ID），以便我们安全团队的成员与您私聊。"
+      placeholder: "例如：email@example.com 或 @yourusername"
+    validations:
+      required: true
+
+  - type: textarea
+    id: vulnerability-overview
+    attributes:
+      label: "漏洞类型/概述"
+      description: "请在不涉及技术细节的前提下，简要描述您发现的漏洞类型和潜在影响。"
+      placeholder: |
+        例如：
+        - 类型：潜在的容器逃逸风险
+        - 影响：可能允许攻击者访问宿主机资源
+        - 组件：与数据收集器相关的某个组件
+    validations:
+      required: true
+
+  - type: dropdown
+    id: severity
+    attributes:
+      label: "初步严重性评估"
+      description: "根据您的理解，这个漏洞的潜在严重程度如何？"
+      options:
+        - "Critical - 远程代码执行、严重权限提升等"
+        - "High - 信息泄漏、权限绕过等"
+        - "Medium - 有限的信息泄漏或本地漏洞"
+        - "Low - 微小的安全策略规避"
+        - "尚未评估"
+    validations:
+      required: true
+
+  - type: input
+    id: affected-versions
+    attributes:
+      label: "受影响的版本"
+      description: "您是在哪个或哪些版本中发现此问题的？（如果已知）"
+      placeholder: "例如：v1.2.0, v1.3.0-beta1"
+
+  - type: textarea
+    id: next-steps
+    attributes:
+      label: "后续步骤确认"
+      attributes:
+        value: |
+          **您提交此报告后，会发生以下事情：**
+          1.  此 Issue 将被标记为 `security` 和 `needs-triage`。
+          2.  项目维护人员会通过您提供的联系方式（而非在此公开评论）与您私下联系。
+          3.  我们将共同协作调查、验证并修复该漏洞。
+          4.  修复程序准备就绪后，我们将发布安全更新，并在适当的时候公开致谢。
+
+          再次感谢您为保障社区安全所做的负责任的行为！
@@ -0,0 +1,3 @@
+result
+result-*
+spark-store/
@@ -0,0 +1,219 @@
+# APM 代理与助手（AGENTS）
+
+本文档描述了 APM 项目中使用的代理和助手工具，它们用于增强 APM 的功能和用户体验。
+
+## 1. 核心代理工具
+
+### 1.1 amber-pm-debug
+
+**功能**：用于在 APM 环境中执行命令，提供调试和诊断功能。
+
+**使用场景**：
+- 执行 apt 相关命令
+- 执行 dpkg 相关命令
+- 进入调试环境
+
+**示例**：
+```bash
+amber-pm-debug apt update
+amber-pm-debug dpkg --configure -a
+```
+
+### 1.2 amber-pm-app-launcher
+
+**功能**：通过应用启动器启动 APM 软件包。
+
+**使用场景**：
+- 启动已安装的 APM 应用
+- 传递参数给应用
+
+**示例**：
+```bash
+amber-pm-app-launcher firefox
+amber-pm-app-launcher gedit --new-document
+```
+
+### 1.3 amber-pm-configure-nvidia
+
+**功能**：配置 NVIDIA 驱动支持。
+
+**使用场景**：
+- 自动从主机获取 NVIDIA 驱动文件
+- 为 APM 应用提供 GPU 加速支持
+
+**示例**：
+```bash
+amber-pm-configure-nvidia /path/to/ace-env
+```
+
+## 2. 构建与转换工具
+
+### 2.1 amber-pm-convert
+
+**功能**：将普通 Deb 包转换为 APM 软件包。
+
+**使用场景**：
+- 转换第三方 Deb 包为 APM 格式
+- 自定义包名和版本号
+
+**示例**：
+```bash
+amber-pm-convert --base amber-pm-trixie /path/to/package.deb
+amber-pm-convert --base amber-pm-bookworm-spark-wine /path/to/package.deb --pkgname new-pkg --version 1.0.0
+```
+
+### 2.2 amber-pm-addons-maker
+
+**功能**：创建 APM addons 包，用于在 base 之上叠加额外的环境层。
+
+**使用场景**：
+- 为 base 环境添加 NVIDIA 驱动、Mesa 补丁
+- 为 base 环境添加 Git、Java、Python 等运行时
+- 所有基于该 base 的应用自动继承 addons 环境
+
+**示例**：
+```bash
+amber-pm-addons-maker --base amber-pm-bookworm --manual --pkgname amber-pm-bookworm-nvidia-addons
+amber-pm-addons-maker --base amber-pm-trixie /path/to/mesa-patch.deb --pkgname amber-pm-trixie-mesa-addons
+```
+
+**说明**：
+- addons 包命名格式建议为 `<base>-<描述>-addons`
+- 安装后自动在对应 base 的 `info_layer_addons.d/` 中注册
+- 支持 `--manual` 参数进入交互式创建流程
+
+### 2.3 amber-pm-dstore-patch
+
+**功能**：修补应用商店相关配置。
+
+**使用场景**：
+- 安装或更新软件包后自动执行
+- 确保应用商店配置正确
+
+### 2.3 amber-pm-desktop-fix
+
+**功能**：修复桌面环境相关问题，维护应用程序和图标链接。
+
+**使用场景**：
+- 安装或移除软件包后自动执行
+- 确保桌面环境正常运行
+- 自动迁移旧版链接到新目录结构
+
+**说明**：
+- 银河麒麟系统：链接到 `/usr/share/applications/`
+- 其他发行版：链接到 `/usr/local/share/applications/apm/`
+
+## 3. 沙箱与安全工具
+
+### 3.1 APM_USE_SANDBOX
+
+**功能**：启用主目录沙箱化。
+
+**使用场景**：
+- 运行不受信任的应用
+- 保护用户主目录
+
+**示例**：
+```bash
+apm sandbox-run firefox
+```
+
+### 3.2 APM_USE_BWRAP
+
+**功能**：使用 bwrap 进行额外的隔离。
+
+**使用场景**：
+- 需要更强隔离性的应用
+- 增强安全性
+
+**示例**：
+```bash
+apm bwrap-run firefox
+```
+
+## 4. 本地安装工具
+
+### 4.1 ssinstall
+
+**功能**：使用 ssinstall 进行本地软件安装。
+
+**使用场景**：
+- 安装本地软件包
+- 与 spark-store 集成
+
+**示例**：
+```bash
+apm ssinstall /path/to/package
+```
+
+### 4.2 ssaudit
+
+**功能**：使用 ssaudit 进行本地软件安装。
+
+**使用场景**：
+- 安装本地软件包并进行审计
+- 与 spark-store 集成
+
+**示例**：
+```bash
+apm ssaudit /path/to/package
+```
+
+## 5. 环境变量
+
+### 5.1 APM_PKG_NAME
+
+**功能**：指定当前运行的包名。
+
+**使用场景**：
+- 在脚本中识别当前包
+- 为应用提供包信息
+
+### 5.2 PATH_PREFIX
+
+**功能**：指定 APM 基础路径。
+
+**使用场景**：
+- 自定义 APM 安装位置
+- 多环境管理
+
+## 6. 工作原理
+
+APM 代理和助手工具通过以下方式工作：
+
+1. **环境隔离**：使用 fuse-overlayfs 创建隔离的文件系统环境
+2. **命令转发**：将用户命令转发到适当的环境中执行
+3. **资源共享**：从主机系统获取必要的资源（如 NVIDIA 驱动）
+4. **安全增强**：提供沙箱和隔离机制
+5. **用户体验**：简化应用的安装和运行过程
+
+## 7. 故障排除
+
+### 7.1 常见问题
+
+- **NVIDIA 驱动问题**：确保主机已安装 NVIDIA 驱动，APM 会自动检测并使用
+- **沙箱权限**：确保用户有足够的权限创建和管理沙箱
+- **包依赖**：使用 `apm show <package>` 查看包依赖，确保所有依赖已安装
+
+### 7.2 调试命令
+
+```bash
+# 查看调试信息
+apm debug
+
+# 检查包状态
+amber-pm-debug dpkg -l | grep <package>
+
+# 检查 NVIDIA 配置
+apm-nvidia-toggle
+```
+
+## 8. 扩展与定制
+
+APM 代理系统设计为可扩展的，您可以：
+
+1. **添加自定义代理**：在 `src/var/lib/apm/apm/files/ace-env/usr/bin/` 目录添加新的代理脚本
+2. **修改现有代理**：根据需要调整现有代理的行为
+3. **创建自定义基础环境**：使用 `amber-pm-convert` 工具创建基于特定需求的基础环境
+
+通过这些工具和技术，APM 提供了一个灵活、安全、高效的软件包管理系统，适用于各种 Linux 发行版。
@@ -0,0 +1,661 @@
+                    GNU AFFERO GENERAL PUBLIC LICENSE
+                       Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+  The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+  Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+  A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate.  Many developers of free software are heartened and
+encouraged by the resulting cooperation.  However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+  The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community.  It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server.  Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+  An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals.  This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                       TERMS AND CONDITIONS
+
+  0. Definitions.
+
+  "This License" refers to version 3 of the GNU Affero General Public License.
+
+  "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+  "The Program" refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as "you".  "Licensees" and
+"recipients" may be individuals or organizations.
+
+  To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy.  The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+  A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+  To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+  To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+  An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+  1. Source Code.
+
+  The "source code" for a work means the preferred form of the work
+for making modifications to it.  "Object code" means any non-source
+form of a work.
+
+  A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+  The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+  The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+  The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+  The Corresponding Source for a work in source code form is that
+same work.
+
+  2. Basic Permissions.
+
+  All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+  You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force.  You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright.  Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+  Conveying under any other circumstances is permitted solely under
+the conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+  No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+  When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+  4. Conveying Verbatim Copies.
+
+  You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+  You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+  5. Conveying Modified Source Versions.
+
+  You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified
+    it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is
+    released under this License and any conditions added under section
+    7.  This requirement modifies the requirement in section 4 to
+    "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this
+    License to anyone who comes into possession of a copy.  This
+    License will therefore apply, along with any applicable section 7
+    additional terms, to the whole of the work, and all its parts,
+    regardless of how they are packaged.  This License gives no
+    permission to license the work in any other way, but it does not
+    invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display
+    Appropriate Legal Notices; however, if the Program has interactive
+    interfaces that do not display Appropriate Legal Notices, your
+    work need not make them do so.
+
+  A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+  6. Conveying Non-Source Forms.
+
+  You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by the
+    Corresponding Source fixed on a durable physical medium
+    customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by a
+    written offer, valid for at least three years and valid for as
+    long as you offer spare parts or customer support for that product
+    model, to give anyone who possesses the object code either (1) a
+    copy of the Corresponding Source for all the software in the
+    product that is covered by this License, on a durable physical
+    medium customarily used for software interchange, for a price no
+    more than your reasonable cost of physically performing this
+    conveying of source, or (2) access to copy the
+    Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the
+    written offer to provide the Corresponding Source.  This
+    alternative is allowed only occasionally and noncommercially, and
+    only if you received the object code with such an offer, in accord
+    with subsection 6b.
+
+    d) Convey the object code by offering access from a designated
+    place (gratis or for a charge), and offer equivalent access to the
+    Corresponding Source in the same way through the same place at no
+    further charge.  You need not require recipients to copy the
+    Corresponding Source along with the object code.  If the place to
+    copy the object code is a network server, the Corresponding Source
+    may be on a different server (operated by you or a third party)
+    that supports equivalent copying facilities, provided you maintain
+    clear directions next to the object code saying where to find the
+    Corresponding Source.  Regardless of what server hosts the
+    Corresponding Source, you remain obligated to ensure that it is
+    available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided
+    you inform other peers where the object code and Corresponding
+    Source of the work are being offered to the general public at no
+    charge under subsection 6d.
+
+  A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+  A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling.  In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage.  For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product.  A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+  "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source.  The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+  If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+  The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed.  Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+  Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+  7. Additional Terms.
+
+  "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+  When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+  Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the
+    terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or
+    author attributions in that material or in the Appropriate Legal
+    Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or
+    requiring that modified versions of such material be marked in
+    reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or
+    authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some
+    trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that
+    material by anyone who conveys the material (or modified versions of
+    it) with contractual assumptions of liability to the recipient, for
+    any liability that these contractual assumptions directly impose on
+    those licensors and authors.
+
+  All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+  If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+  Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+  8. Termination.
+
+  You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+  However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+  Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+  Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+  9. Acceptance Not Required for Having Copies.
+
+  You are not required to accept this License in order to receive or
+run a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+  10. Automatic Licensing of Downstream Recipients.
+
+  Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+
+  An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+  You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+  11. Patents.
+
+  A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's "contributor version".
+
+  A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+  Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+  In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+  If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+  If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+  A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.  You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+  Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+  12. No Surrender of Others' Freedom.
+
+  If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+  13. Remote Network Interaction; Use with the GNU General Public License.
+
+  Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software.  This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+  Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+  14. Revised Versions of this License.
+
+  The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time.  Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+  Each version is given a distinguishing version number.  If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation.  If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+  If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+  Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+  15. Disclaimer of Warranty.
+
+  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. Limitation of Liability.
+
+  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+  17. Interpretation of Sections 15 and 16.
+
+  If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+  If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source.  For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code.  There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+  You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<https://www.gnu.org/licenses/>.
@@ -0,0 +1,463 @@
+
+
+# APM 软件包打包流程
+
+本文档为开发者准备，若您只是想从 deb 软件包打包 APM 软件包，您可以通过 `amber-pm-convert` 指令进行全自动一键转换。
+
+通过 `apm search amber-pm-` 即可搜索到所有可用的 base 列表。
+
+---
+
+## APM 软件包结构规范
+
+在阅读前，请确保您对 OverlayFS 有了基本的了解。
+
+OverlayFS 原理解析：
+[https://www.cnblogs.com/arnoldlu/p/13055501.html](https://www.cnblogs.com/arnoldlu/p/13055501.html)
+
+---
+
+## OverlayFS 层叠顺序说明
+
+APM 使用 OverlayFS 来管理软件包的文件系统层级，从上到下的层叠顺序为：
+
+1. **Upperdir**
+   当前包的可写层：`files/core/`
+
+2. **Info Layer Override**
+   由 `info_layer_override` 指定的覆盖层，位于所有依赖层之上
+
+3. **依赖层**
+   由 `info` 文件递归解析出的所有依赖包
+
+4. **Addons 层**
+   由 `info_layer_addons` 和 `info_layer_addons.d` 注册的 addons 包，位于对应 base 之上
+
+5. **底层 Runtime**
+   最基础的运行时环境（如 `amber-pm-bookworm`）
+
+这种层叠结构允许上层文件覆盖下层文件，实现灵活、高效的依赖管理与环境定制。
+
+---
+
+## APM 软件包目录结构示例
+
+一个典型的 APM 应用或中层依赖包应当包含以下内容：
+
+```
+├── DEBIAN
+│   ├── control
+│   └── postinst
+└── var
+    └── lib
+        └── apm
+            └── eom
+                ├── entries
+                │   ├── applications
+                │   ├── doc
+                │   ├── glib-2.0
+                │   └── man
+                ├── files
+                │   ├── core
+                │   └── work
+                ├── info
+                ├── info_layer_override    # 可选
+                └── info_env               # 可选（高级功能）
+```
+
+---
+
+## DEBIAN 目录说明
+
+包含软件包的基本信息和依赖环境声明。
+
+### control 文件示例
+
+```
+Package: eom
+Version: 1.26.0-2-apm
+Architecture: amd64
+Maintainer: APM Converter <apm-convert@spark-app.store>
+Depends: amber-pm-bookworm
+Installed-Size: 45228
+Description: APM converted package from eom
+ This package was automatically converted from the original deb package.
+ Based on: amber-pm-bookworm
+```
+
+字段说明：
+
+* **Package**
+  包名，应当唯一。使用转换器时默认与原 deb 包名一致
+
+* **Version**
+  软件包版本号，转换器会自动追加 `-apm`
+
+* **Architecture**
+  架构信息，遵循 dpkg 规范
+
+* **Depends**
+  直接依赖的 base 包名
+
+* **Installed-Size**
+  安装后大小，转换器自动计算
+
+* **Description**
+  软件包描述信息
+
+---
+
+### postinst 文件
+
+```
+#!/bin/bash
+PACKAGE_NAME="$DPKG_MAINTSCRIPT_PACKAGE"
+
+if [ "$1" = "remove" ] || [ "$1" = "purge" ]; then
+    echo "清理卸载残留"
+    rm -rf "/var/lib/apm/$PACKAGE_NAME"
+
+    for username in $(ls /home); do
+        if [ -d "/home/$username/.apm/$PACKAGE_NAME" ]; then
+            rm -rf "/home/$username/.apm/$PACKAGE_NAME"
+        fi
+    done
+else
+    echo "非卸载，跳过清理"
+fi
+```
+
+若无特殊需求，保持该内容即可，用于卸载时清理残留环境。
+
+---
+
+## /var/lib/apm 目录结构说明
+
+该目录包含 APM 软件包的运行环境与元数据。
+
+### 必须目录
+
+* **files/**
+
+  * `core/`：upperdir，可写层
+  * `work/`：OverlayFS 工作目录
+
+* **info**
+
+  * 声明直接依赖的 base 包
+  * 支持多层递归解析
+
+### 可选目录 / 文件
+
+* **entries/**
+
+  * `applications/`：`.desktop` 文件
+  * `doc/`：文档
+  * `glib-2.0/`：GLib 相关文件
+  * `man/`：手册页
+
+> ⚠ `.desktop` 文件中 **必须** 添加：
+>
+> ```
+> X-APM-APPID=包名
+> ```
+>
+> 以允许软件管理器正确识别和管理应用。
+
+---
+
+## info 文件说明（依赖解析）
+
+`info` 文件用于声明当前包直接依赖的 base 包，每行一个包名：
+
+```
+amber-pm-bookworm-spark-wine10
+```
+
+APM 会递归解析该 base 的 `info` 文件，直到找到最底层 runtime（如 `amber-pm-bookworm`）。
+
+> 使用多层依赖并非强制，但合理拆分 base 能显著减小包体积。
+> 可用的 base 列表可通过：
+>
+> ```
+> apm search amber-pm-
+> ```
+>
+> 查看。
+
+---
+
+## info_layer_override 文件（覆盖层）
+
+`info_layer_override` 是一个可选文件，用于在**所有依赖层之上**插入额外覆盖层。
+
+### 使用场景
+
+1. 覆盖依赖中的特定库版本（如 mesa）
+2. 覆盖默认配置文件
+3. 提供特殊运行环境
+
+### 规则说明
+
+* 语法与 `info` 完全一致
+* 每行一个包名
+* 层级位置：
+
+  ```
+  upperdir
+    ↑
+  info_layer_override
+    ↑
+  info 递归依赖
+  ```
+
+### 示例
+
+`info`：
+
+```
+amber-pm-bookworm
+```
+
+`info_layer_override`：
+
+```
+amber-pm-bookworm-mesa
+```
+
+最终 lowerdir 顺序：
+
+```
+amber-pm-bookworm-mesa:amber-pm-bookworm
+```
+
+---
+
+## info_layer_addons / info_layer_addons.d（Addons 层）
+
+`info_layer_addons` 和 `info_layer_addons.d` 是 **1.3.0+** 引入的标准，用于在 **base 之上叠加 addons 层**，使所有运行在该 base 上的应用自动继承 addons 环境。
+
+### 使用场景
+
+- 为所有基于同一 base 的应用统一注入 NVIDIA 驱动
+- 为所有基于同一 base 的应用统一更新 Mesa / Vulkan
+- 为所有基于同一 base 的应用统一提供 Git、Java、Python 等运行时环境
+- 无需修改 base 本身，即可同步变更环境
+
+### 规则说明
+
+- `info_layer_addons` — 位于 base 包目录下的可选文件，每行一个 addons 包名
+- `info_layer_addons.d/` — 位于 base 包目录下的可选目录，包含文件名格式为 `优先级-addons包名` 的文件
+- 数字越小优先级越高（排序靠前）
+- `.d` 目录中的 addons 优先级高于 `info_layer_addons` 文件中的 addons
+- **即使 base 没有 `info` 文件，也可以有 `info_layer_addons`**（最底层 base 也可以有 addons）
+- APM 在运行时自动读取并挂载这些 addons
+
+### Addons 包结构
+
+Addons 包是一种特殊的 APM 包，**不需要 `info` 文件和 `entries/` 目录**：
+
+```
+/var/lib/apm/<base>-<描述>-addons/
+├── files
+│   ├── core/          # upperdir（addons 的文件内容）
+│   └── work/          # OverlayFS 工作目录
+```
+
+### Addons 包命名规范
+
+建议格式：`<base>-<描述>-addons`
+
+示例：
+- `amber-pm-bookworm-nvidia-addons`
+- `amber-pm-trixie-mesa-addons`
+- `amber-pm-bookworm-java-addons`
+
+### 创建 Addons 包
+
+推荐使用 `amber-pm-addons-maker` 工具：
+
+```bash
+# 手动模式（交互式 shell 安装软件后打包）
+amber-pm-addons-maker --base amber-pm-bookworm --manual --pkgname amber-pm-bookworm-nvidia-addons
+
+# 自动模式（直接安装 deb 后打包）
+amber-pm-addons-maker --base amber-pm-bookworm /path/to/nvidia-driver.deb --pkgname amber-pm-bookworm-nvidia-addons
+```
+
+安装 addons 包后，它会在对应 base 的 `info_layer_addons.d/` 目录中自动注册，所有依赖该 base 的应用下次启动时即可自动加载该 addons。
+
+### 示例
+
+假设 `amber-pm-bookworm-nvidia-addons` 已安装并注册到 `amber-pm-bookworm`：
+
+`amber-pm-bookworm/info_layer_addons.d/50-amber-pm-bookworm-nvidia-addons`：
+
+```
+amber-pm-bookworm-nvidia-addons
+```
+
+应用包 `eom` 的 `info`：
+
+```
+amber-pm-bookworm
+```
+
+最终 lowerdir 顺序：
+
+```
+amber-pm-bookworm-nvidia-addons:amber-pm-bookworm
+```
+
+所有运行 `apm run eom` 的实例都会自动加载 NVIDIA addons。
+
+---
+
+## info_env（环境变量层 · 高级功能）
+
+`info_env` 是一个 **可选的高级特性**，用于为 APM 容器运行时提供**分层的环境变量配置能力**。
+
+### 功能概述
+
+* 为软件包及其依赖提供环境变量
+* 支持 **多层叠加**
+* **上层自动覆盖下层**
+* 与 OverlayFS 层级顺序完全一致
+* 不执行 shell 代码，仅解析键值对，安全可靠
+
+---
+
+### info_env 文件位置
+
+```
+/var/lib/apm/<包名>/info_env
+```
+
+---
+
+### info_env 应用顺序（重要）
+
+环境变量的加载顺序为：
+
+1. 底层 runtime 的 `info_env`
+2. 中间依赖包的 `info_env`
+3. 当前包的 `info_env`
+4. `info_layer_override` 中包的 `info_env`（最高优先级）
+
+**后加载的变量会覆盖之前的同名变量。**
+
+---
+
+### info_env 文件格式
+
+每行一条环境变量定义：
+
+```
+KEY=VALUE
+```
+
+示例：
+
+```
+QT_QPA_PLATFORM=dxcb;xcb
+LANG=zh_CN.UTF-8
+XMODIFIERS="@im=fcitx"
+PATH="/custom/bin:$PATH"
+```
+
+#### 规则说明
+
+* 支持分号 `;`
+* 支持带引号的值
+* 支持引用已有环境变量（如 `$PATH`）
+* 支持注释行（`#`）
+* 不允许执行任何 shell 语句
+
+❌ 以下内容将被忽略：
+
+```
+export A=1
+rm -rf /
+$(whoami)
+```
+
+---
+
+### 使用场景示例
+
+* 指定 Qt / GTK 平台插件
+* 设置输入法变量
+* 调整运行时 PATH / LD_LIBRARY_PATH
+* 为特定应用注入兼容性环境变量
+
+---
+
+## APM upperdir 制作流程（手动）
+
+1. 安装 APM 并安装所需 base：
+
+   ```bash
+   sudo apm install amber-pm-xxx
+   ```
+
+2. 创建目录结构：
+
+   ```bash
+   mkdir -p core work ace-env
+   ```
+
+3. 挂载 OverlayFS：
+
+   ```bash
+   sudo mount -t overlay overlay \
+     -o lowerdir='/var/lib/apm/apm/files/ace-env/var/lib/apm/amber-pm-xxx/files/ace-env',upperdir=core/,workdir=work/ \
+     ./ace-env
+   ```
+
+4. chroot 进入 `ace-env` 进行安装
+
+5. 卸载并打包
+
+---
+
+## APM 软件包测试
+
+```bash
+fuse-overlayfs -o lowerdir='...',upperdir=core/,workdir=work/ ./ace-env
+```
+
+或直接使用：
+
+```bash
+apm run 包名
+```
+
+APM 会自动完成：
+
+* 解析 `info` / `info_layer_override`
+* 应用 `info_env`
+* 构建 OverlayFS
+* 进入容器并运行应用
+
+---
+
+## APM 软件包打包
+
+```bash
+dpkg-deb --build 软件包目录 输出目录
+```
+
+---
+
+## APM 底层 Base Runtime 构建
+
+详见：
+[https://gitee.com/amber-ce/amber-pm-common](https://gitee.com/amber-ce/amber-pm-common)
+
+---
+
+### 备注
+
+APM 的打包工具与转换器会自动处理绝大多数复杂操作。
+手动打包与 `info_env` 主要用于 **特殊运行环境、深度定制或调试用途**。
+
@@ -1,33 +1,118 @@
-# APM 原理和软件包制作流程
+<div align="center">
+<img src="https://gitee.com/possibleving/amber-pm/raw/master/amber-pm-logo.png" alt="软件主图标" width="200" height="200"/>
+</div>

-制作apm包upperdir的流程
+# <p align="center">APM 琥珀软件包管理器</p>

-先安装base包（从release）
+## 简介

-sudo mount -t overlay  overlay   -o lowerdir='/var/lib/apm/amber-pm-trixie-host/files/ace-env',upperdir=core/,workdir=work/ ./ace-env
+APM 是一款基于 fuse-overlayfs，dpkg，AmberCE 容器的软件包管理系统，支持在 Debian，Fedora，Arch Linux 等发行版上运行。

-随后chroot进入进行安装操作，直接进行 apt install 或者其他都可以，完成后
+APM 目前提供 Debian 12/13 与 deepin 25 基础环境，支持将适配以上环境的应用转换为 APM 应用。

-core: 保存新增文件
-work: 保存变更信息
-需把这两个目录重新拥有并权限换成755
+> APM 会自动从主机获取 NVIDIA 驱动文件，因此您无需担心 N 卡加速问题；
+> 
+> 您可在 [src](src/) 目录找到 APM 的源代码；
+> 
+> OverlayFS 原理解析：[https://www.cnblogs.com/arnoldlu/p/13055501.html](https://www.cnblogs.com/arnoldlu/p/13055501.html)。

+## 体验

-fuse-overlayfs -o lowerdir='/var/lib/apm/amber-pm-trixie-host/files/ace-env',upperdir=core/,workdir=work/ ./ace-env
+前往右侧的 [发行版](https://gitee.com/amber-ce/amber-pm/releases/) 即可下载体验

-即可只读挂载并进行ace操作
+完成安装后，根据您的 CPU 架构选择对应的网页商店使用

-spec：
-对于lowerdir
-/var/lib/apm/包名/files/ace-env 是 lowerdir
+[![输入图片说明](https://foruda.gitee.com/images/1762931968047152487/8318e890_4915358.png "apm-webstore-x86-zh-light.png")](https://erotica.spark-app.store/amd64-apm/)
+[![输入图片说明](https://foruda.gitee.com/images/1762931903886978407/7ba50cd5_4915358.png "apm-webstore-arm-zh-light.png")](https://erotica.spark-app.store/arm64-apm/)

-对于upperdir
-/var/lib/apm/包名/files/core是upperdir
-/var/lib/apm/包名/files/work是upperdir的work
-/var/lib/apm/包名/files/ace-env是chroot进的目录（需要在打包好的包内加上允许读写这个目录——或者后续换成tmp的挂载点）
-/var/lib/apm/包名/info是配置信息，目前只写了依赖的base，后续可以定义默认启动指令等
-/var/lib/apm/包名/entries是desktop位置，后续会加到自动展示中
+目前 apm 应用支持 Debian 10+ , Arch Linux , fedora 42/43, openSUSE(测试) ,deepin/UOS 20+ , Ubuntu 20+ , 银河麒麟v10sp1，openkylin

+## 使用方法
+```
+APM - Amber Package Manager 

+Usage:
+  apm [COMMAND] [OPTIONS] [PACKAGES...]

-apm run 包名： 寻找 /var/lib/apm/包名/是否存在。若存在，根据info文件合成 fuser-overlayfs 参数进行挂载，随后用ACE工具chroot进入进行启动
+Commands:
+  install           安装软件包
+  remove            卸载软件包
+  launch <package> [args...]  启动软件包（通过应用启动器）
+  run <package> [EXEC_PATH] [args...]  运行指定软件包的可执行文件（可指定容器内路径）
+  update            更新软件包信息
+  list              查看可用软件包信息
+  search            搜索软件包
+  show              展示包信息
+  clean             清除缓存软件包
+  autoremove        自动移除不需要的包
+
+  amber             彩蛋功能
+  xmp360            彩蛋功能
+  bronya            彩蛋功能
+
+  -h, --help        显示此帮助信息
+  --help-all        显示完整帮助信息
+  -v, --version     展示APM版本号
+
+```
+
+### 完整命令列表
+使用 `apm --help-all` 查看完整的命令列表，包括高级命令如 `sandbox-run`、`bwrap-run`、`hold`、`unhold`、`full-upgrade`、`download`、`ssinstall`、`ssaudit`、`debug` 等。
+
+## NixOS 构建与本地测试
+
+NixOS 本地构建、安装、module 使用以及 NUR/nixpkgs 打包复用说明见 [docs/NIXOS.md](docs/NIXOS.md)。
+
+## APM Deb 包全自动转换器使用方法
+
+```
+用法: amber-pm-convert --base <basename> [--base <basename> ...] [--addons <addon-name> ...] <deb文件路径> [--pkgname <包名>] [--version <版本号>]
+
+参数说明:
+  --basename   必填参数，指定基础环境名称，可多次使用指定多个基础环境
+  --addons     可选参数，指定额外挂载的 addons 包，可多次使用
+  deb文件路径   必填参数，要转换的 Deb 文件路径
+  --pkgname    可选参数，指定新包的包名（默认使用原 Deb 包名）
+  --version    可选参数，指定新包的版本号（默认在原版本后追加'-apm'）
+
+示例:
+  amber-pm-convert --base amber-pm-trixie /path/to/package.deb
+  amber-pm-convert --base amber-pm-trixie --addons amber-pm-trixie-nvidia-addons /path/to/package.deb
+  amber-pm-convert --base amber-pm-bookworm-spark-wine /path/to/package.deb --pkgname new-pkg --version 1.0.0
+
+最下层的 base 在最后，从上到下写 base
+
+```
+
+## APM Addons 包创建工具
+
+```
+用法: amber-pm-addons-maker --base <base-name> [--manual] [--pkgname <包名>] [--version <版本>] [deb文件路径]
+
+参数说明:
+  --base       必填参数，指定基础环境名称
+  --manual     启用手动模式：融合挂载后打开交互 shell
+  --pkgname    可选参数，指定包名（建议格式：<base>-<描述>-addons）
+  --version    可选参数，指定版本号（默认 1.0.0-apm）
+  deb文件路径  可选参数，要安装到 addons 环境中的 Deb 文件
+
+示例:
+  amber-pm-addons-maker --base amber-pm-bookworm --manual --pkgname amber-pm-bookworm-nvidia-addons
+  amber-pm-addons-maker --base amber-pm-trixie /path/to/mesa.deb --pkgname amber-pm-trixie-mesa-addons
+```
+
+> 注意：APM 软件包为特殊的 Deb 软件包，因此若您在使用 Debian 或其他使用 dpkg 管理软件包的发行版，也可使用 apt 直接将 APM 软件包安装至系统中，同样可供使用。对于此种情况，请使用系统自带的 apt 进行软件包管理。
+
+## APM 的原理和软件包的介绍
+
+详见 [Packaging-demo](Packaging-demo)。
+
+> 1.1.5+ 版本支持了覆盖 base 功能，相见 https://gitee.com/amber-ce/amber-pm/blob/master/Packaging-demo/README.md#info_layer_override-%E6%96%87%E4%BB%B6
+>
+> 1.3.0+ 版本支持了 addons 层功能，相见 https://gitee.com/amber-ce/amber-pm/blob/master/Packaging-demo/README.md#info_layer_addons--info_layer_addonsdaddons-%E5%B1%82
+
+## APM 构建 Tips
+
+> 请 `cp -vr src pkg` 来创建一个准备配置的环境，随后 `./build.sh pkg` 即可进行进一步的打包操作
+
+APM 使用了特殊的精简版 AmberCE 兼容环境，相关的 Tips 见 [Tips](tips.md)。
@@ -0,0 +1,9 @@
+Package: apm
+Version: 1.1.6-1
+Maintainer: shenmo <jifengshenmo@outlook.com>
+Priority: optional
+Section: utils
+Installed-Size: 76
+Description: A empty package to satisfy depends--Also,manage in-apm-runtime cloud configs
+Architecture: all
+Homepage: https://shenmo7192.gitee.io/
@@ -0,0 +1,19 @@
+#!/bin/bash
+export PACKAGE_NAME="$DPKG_MAINTSCRIPT_PACKAGE"
+
+
+case "$1" in
+	triggered)
+			amber-pm-dstore-patch
+            amber-pm-base-overrider
+
+	;;
+	*)
+            amber-pm-base-overrider
+	;;
+esac
+
+
+
+
+true
@@ -0,0 +1 @@
+interest-noawait /var/lib/apm
@@ -0,0 +1 @@
+# File in this dir will be seen as one of  XDG_DATA_DIRS in ACE container.
@@ -0,0 +1,10 @@
+[Desktop Entry]
+Exec=xdg-open %U
+MimeType=x-scheme-handler/spk;x-scheme-handler/wemeet;inode/directory;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https;application/msword;application/vnd.openxmlformats-officedocument.wordprocessingml.document;application/vnd.ms-excel;application/vnd.openxmlformats-officedocument.spreadsheetml.sheet;application/vnd.ms-powerpoint;application/vnd.openxmlformats-officedocument.presentationml.presentation;application/x-gzip;application/zip;application/rar;application/x-tar;application/pdf;application/rtf;image/gif;image/jpeg;image/jp2;image/png;image/tiff;image/bmp;image/svg+xml;image/webp;image/x-icon;application/kswps;application/kset;application/ksdps;application/x-photoshop;application/x-coreldraw;application/x-shockwave-flash;text/plain;application/x-javascript;text/javascript;text/css;text/html;application/xhtml+xml;text/xml;text/x-vcard;application/x-httpd-php;application/java-archive;application/vnd.android.package-archive;application/octet-stream;application/x-x509-user-cert;audio/mpeg;audio/midi;audio/x-wav;audio/x-mpegurl;audio/x-m4a;audio/ogg;audio/x-realaudio;video/mp4;video/mpeg;video/quicktime;video/x-m4v;video/x-ms-wmv;video/x-msvideo;video/webm;video/x-flv;application/xhtml_xml;
+Name=ace-run-in-host-os
+NoDisplay=true
+Terminal=false
+TryExec=
+Type=Application
+Version=1.0
+
@@ -0,0 +1,196 @@
+#!/bin/bash
+
+# amber-pm-base-overrider
+# 功能：检查 /opt/apm-dummy/files-to-override 下的文件，并覆盖到所有包含
+#       /var/lib/apm/文件夹/files 的 /var/lib/apm/文件夹/files/ace-env 下
+#       同时删除每个 ace-env 目录下的 amber-ce-tools/bin-override/bwrap
+
+# 日志函数
+log_warn() { echo -e "[\e[33mWARN\e[0m]:  \e[1m$*\e[0m"; }
+log_error()  { echo -e "[\e[31mERROR\e[0m]: \e[1m$*\e[0m"; }
+log_info() { echo -e "[\e[96mINFO\e[0m]:  \e[1m$*\e[0m"; }
+log_debug()  { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
+
+# 配置
+OVERRIDE_SOURCE="/opt/apm-dummy/files-to-override"
+APM_BASE_DIR="/var/lib/apm"
+BWRAP_PATH="amber-ce-tools/bin-override/bwrap"
+
+# 显示帮助信息
+show_help() {
+    cat <<EOF
+amber-pm-base-overrider - APM 基础环境覆盖工具
+
+用法:
+  $(basename "$0") [选项]
+
+选项:
+  -h, --help      显示此帮助信息
+  -v, --verbose   显示详细输出
+  -n, --dry-run   试运行，不实际执行覆盖操作
+
+功能:
+  检查 /opt/apm-dummy/files-to-override 下的文件，
+  并覆盖到所有 /var/lib/apm/<包名>/files/ace-env 目录下。
+  同时删除每个 ace-env 目录下的 amber-ce-tools/bin-override/bwrap。
+EOF
+}
+
+# 解析参数
+VERBOSE=false
+DRY_RUN=false
+
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        -h|--help)
+            show_help
+            exit 0
+            ;;
+        -v|--verbose)
+            VERBOSE=true
+            shift
+            ;;
+        -n|--dry-run)
+            DRY_RUN=true
+            shift
+            ;;
+        *)
+            log_error "未知选项: $1"
+            show_help
+            exit 1
+            ;;
+    esac
+done
+
+# 检查源目录是否存在
+if [ ! -d "$OVERRIDE_SOURCE" ]; then
+    log_error "源目录不存在: $OVERRIDE_SOURCE"
+    exit 1
+fi
+
+# 检查源目录是否为空
+if [ -z "$(ls -A "$OVERRIDE_SOURCE" 2>/dev/null)" ]; then
+    $VERBOSE && log_info "源目录为空，仅执行清理操作"
+fi
+
+$VERBOSE && log_info "源目录: $OVERRIDE_SOURCE"
+
+# 检查 APM 基础目录是否存在
+if [ ! -d "$APM_BASE_DIR" ]; then
+    exit 0
+fi
+
+# 计数器
+OVERRIDE_COUNT=0
+DELETE_COUNT=0
+ERROR_COUNT=0
+
+# 遍历 /var/lib/apm/ 下的所有子目录
+for pkg_dir in "$APM_BASE_DIR"/*/; do
+    # 去掉末尾的斜杠
+    pkg_dir="${pkg_dir%/}"
+
+    # 检查是否是目录
+    if [ ! -d "$pkg_dir" ]; then
+        continue
+    fi
+
+    pkg_name=$(basename "$pkg_dir")
+    files_dir="$pkg_dir/files"
+    target_dir="$files_dir/ace-env"
+
+    # 检查是否存在 files 目录
+    if [ ! -d "$files_dir" ]; then
+        $VERBOSE && log_debug "跳过 $pkg_name: 不存在 files 目录"
+        continue
+    fi
+
+    # 检查是否存在 ace-env 目录
+    if [ ! -d "$target_dir" ]; then
+        $VERBOSE && log_debug "跳过 $pkg_name: 不存在 ace-env 目录"
+        continue
+    fi
+
+    # ---- 删除 amber-ce-tools/bin-override/bwrap ----
+    bwrap_file="$target_dir/$BWRAP_PATH"
+    if [ -e "$bwrap_file" ] || [ -L "$bwrap_file" ]; then
+        if [ "$DRY_RUN" = true ]; then
+            if [ -d "$bwrap_file" ]; then
+                echo "  [试运行] 将删除目录: $bwrap_file"
+            else
+                echo "  [试运行] 将删除文件: $bwrap_file"
+            fi
+            ((DELETE_COUNT++))
+        else
+            if rm -rf "$bwrap_file" 2>/dev/null; then
+                $VERBOSE && log_info "已删除: $bwrap_file"
+                ((DELETE_COUNT++))
+            else
+                log_error "删除失败: $bwrap_file"
+                ((ERROR_COUNT++))
+            fi
+        fi
+    else
+        $VERBOSE && log_debug "$pkg_name: bwrap 文件不存在，无需删除"
+    fi
+
+    # ---- 覆盖文件 ----
+    # 检查源目录是否为空
+    if [ -z "$(ls -A "$OVERRIDE_SOURCE" 2>/dev/null)" ]; then
+        continue
+    fi
+
+    # 检查是否有文件需要更新（比较源文件和目标文件）
+    NEED_UPDATE=false
+    while IFS= read -r -d '' file; do
+        rel_path="${file#$OVERRIDE_SOURCE/}"
+        target_file="$target_dir/$rel_path"
+        # 如果目标文件不存在或源文件更新，则需要更新
+        if [ ! -e "$target_file" ] || [ "$file" -nt "$target_file" ]; then
+            NEED_UPDATE=true
+            break
+        fi
+    done < <(find "$OVERRIDE_SOURCE" -type f -print0 2>/dev/null)
+
+    # 如果没有需要更新的文件，跳过
+    if [ "$NEED_UPDATE" = false ]; then
+        $VERBOSE && log_debug "跳过 $pkg_name: 文件已是最新"
+        continue
+    fi
+
+    $VERBOSE && log_info "处理包: $pkg_name"
+
+    # 使用 rsync 或 cp 进行覆盖
+    if [ "$DRY_RUN" = true ]; then
+        $VERBOSE && log_info "[试运行] 将覆盖文件到: $target_dir"
+        find "$OVERRIDE_SOURCE" -type f | while read -r file; do
+            rel_path="${file#$OVERRIDE_SOURCE/}"
+            target_file="$target_dir/$rel_path"
+            echo "  将复制: $rel_path -> $target_file"
+        done
+        ((OVERRIDE_COUNT++))
+    else
+        # 使用 cp -r 进行递归复制，保留权限
+        if cp -rL "$OVERRIDE_SOURCE"/* "$target_dir/" 2>/dev/null; then
+            $VERBOSE && log_info "成功覆盖到: $target_dir"
+            ((OVERRIDE_COUNT++))
+        else
+            log_error "覆盖失败: $target_dir"
+            ((ERROR_COUNT++))
+        fi
+    fi
+done
+
+# 输出统计信息
+$VERBOSE && log_info "===================================="
+$VERBOSE && log_info "操作完成"
+log_info "成功覆盖: $OVERRIDE_COUNT 个包"
+log_info "成功删除 bwrap: $DELETE_COUNT 个包"
+if [ "$DRY_RUN" = true ]; then
+    log_info "[试运行模式] 未实际执行操作"
+fi
+if [ $ERROR_COUNT -gt 0 ]; then
+    log_error "失败: $ERROR_COUNT 个操作"
+fi
+
+exit 0
@@ -0,0 +1,177 @@
+#!/bin/bash
+
+enumAppInfoList() {
+    appInfoList=()
+    apps="/var/lib/apm"
+    list=$(ls $apps 2>/dev/null)
+    for appID in $list; do
+        appInfoList+=("$appID")
+    done
+    echo "${appInfoList[@]}"
+}
+
+linkDir() {
+    ensureTargetDir() {
+        targetFile=$1
+        t=$(dirname "$targetFile")
+        mkdir -p "$t"
+    }
+
+    source=$1
+    target=$2
+    sourceDir=$(dirname "$source")
+    targetDir=$(dirname "$target")
+    find "$source" -type f | while read sourceFile; do
+        targetFile="$targetDir/${sourceFile#$sourceDir/}"
+        ensureTargetDir "$targetFile"
+        sourceFile=$(realpath --relative-to="$(dirname $targetFile)" "$sourceFile" )
+        if [  ! -e "${targetFile}" ];then
+            ln -sv "$sourceFile" "$targetFile"
+        fi
+    done
+}
+
+linkApp() {
+    appID=$1
+    appEntriesDir="/var/lib/apm/$appID/entries"
+    appLibsDir="/var/lib/apm/$appID/files/lib"
+    autoStartDir="$appEntriesDir/autostart"
+
+    if [ -d "$autoStartDir" ]; then
+        linkDir "$autoStartDir" "/etc/xdg/autostart"
+    fi
+
+    # link application
+    sysShareDir="/usr/share"
+    for folder in "$appEntriesDir/applications" "$appEntriesDir/icons" "$appEntriesDir/mime" "$appEntriesDir/glib-2.0" "$appEntriesDir/services" "$appEntriesDir/pixmaps" "$appEntriesDir/GConf" "$appEntriesDir/help" "$appEntriesDir/locale" "$appEntriesDir/fcitx"; do
+        if [ ! -d "$folder" ]; then
+            continue
+        fi
+
+        # 对于 applications 目录，先为所有 .desktop 文件添加必要的字段
+        if [ "$folder" = "$appEntriesDir/applications" ]; then
+            find "$folder" -name "*.desktop" -type f | while read desktop; do
+                # 添加 X-APM-APPID
+                if ! grep -q "^X-APM-APPID=" "$desktop"; then
+                    echo "X-APM-APPID=$appID" >> "$desktop"
+                fi
+                # 添加 X-Deepin-PreUninstall
+                if ! grep -q "^X-Deepin-PreUninstall=" "$desktop"; then
+                    echo "X-Deepin-PreUninstall=amber-pm-app-uninstaller $appID" >> "$desktop"
+                fi
+            done
+        fi
+
+        if [ "$folder" = "$appEntriesDir/polkit" ]; then
+            linkDir "$folder" "/usr/share/polkit-1"
+        elif [ "$folder" = "$appEntriesDir/fonts/conf" ]; then
+            linkDir "$folder" "/etc/fonts/conf.d"
+        else
+            linkDir "$folder" "$sysShareDir/${folder##*/}"
+        fi
+    done
+}
+
+function exec_uos_package_link(){
+    for app in $(enumAppInfoList); do
+        linkApp "$app" &
+    done
+    wait
+}
+
+function exec_v23_icon_link(){
+    # Fix v23 broken icon
+    if [ ! -d "/usr/share/icons/hicolor/scalable/apps" ];then
+        mkdir -p /usr/share/icons/hicolor/scalable/apps
+    fi
+
+    for icon_root_icon_path in $(ls /usr/share/icons/*.png /usr/share/icons/*.svg 2>/dev/null)
+    do
+        target_icon_path=/usr/share/icons/hicolor/scalable/apps/$(basename ${icon_root_icon_path})
+        if [  ! -e ${target_icon_path} ];then
+            ln -sv $(realpath --relative-to=/usr/share/icons/hicolor/scalable/apps ${icon_root_icon_path}) /usr/share/icons/hicolor/scalable/apps
+        fi
+    done
+}
+
+function exec_link_clean(){
+    # remove broken links in /usr/share
+    find /usr/share/applications -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/icons -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/mime/packages -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/glib-2.0 -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/dbus-1/services -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/fcitx -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/help -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/locale -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/lib/mozilla/plugins -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/polkit-1/actions -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/fonts -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /etc/fonts/conf.d -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+}
+
+function exec_uos_package_update(){
+    update-icon-caches /usr/share/icons/* > /dev/null 2>&1 &
+    update-desktop-database -q > /dev/null 2>&1 &
+    update-mime-database -V /usr/share/mime > /dev/null 2>&1 &
+    glib-compile-schemas /usr/share/glib-2.0/schemas/ > /dev/null 2>&1 &
+}
+
+function exec_debian_compatibile_links(){
+    # 源目录和目标目录定义
+    local SOURCE_DIR="/var/lib/apm"
+    local TARGET_DIR="/var/lib/apm/apm/files/ace-env/var/lib/apm"
+
+    # 检查目标目录是否存在
+    if [[ ! -d "$TARGET_DIR" ]]; then
+        mkdir -p $TARGET_DIR
+    fi
+
+    # 第一部分：为缺失的目录创建软链接
+    echo "检查并创建缺失的软链接..."
+    for dir in "$SOURCE_DIR"/*/; do
+        # 获取目录名（去掉路径和尾部斜杠）
+        dirname=$(basename "$dir")
+        
+        # 跳过 apm 目录
+        if [[ "$dirname" == "apm" ]]; then
+            continue
+        fi
+        
+        # 检查目标目录中是否已存在对应的软链接或目录
+        target_link="$TARGET_DIR/$dirname"
+        if [[ ! -e "$target_link" ]]; then
+            echo "创建软链接: $target_link -> $dir"
+            ln -sv "$dir" "$target_link"
+        fi
+    done
+
+    # 第二部分：清理无效的软链接
+    echo "清理无效的软链接..."
+    for link in "$TARGET_DIR"/*; do
+        # 检查是否为软链接
+        if [[ -L "$link" ]]; then
+            # 检查软链接是否有效（指向的目标是否存在）
+            if [[ ! -e "$link" ]]; then
+                echo "删除无效软链接: $link"
+                rm "$link"
+            fi
+        fi
+    done
+}
+
+#########################################################################################
+echo "----------------Running APM Dstore Patch----------------"
+
+# 执行链接操作（同时完成 .desktop 字段添加）
+exec_uos_package_link
+
+# exec_v23_icon_link
+exec_link_clean
+wait
+exec_uos_package_update
+if [[ "${IS_APM_ENV}" = "" ]];then
+    exec_debian_compatibile_links
+fi
+
+echo "----------------Finished----------------"
@@ -0,0 +1 @@
+@VERSION@=1.3.4.0
@@ -0,0 +1,92 @@
+#!/usr/bin/env bash
+
+########################################
+# 配置部分
+########################################
+config_file="build.config"  # 配置文件路径
+if [[ -z "$1" ]];then
+echo "Need TARGET DIR"
+exit
+fi
+target_dir="${1}"   # 要处理的目标目录
+
+########################################
+# 读取 ace-base.config 生成替换字典
+########################################
+declare -A replacements
+
+while IFS= read -r line; do
+    # 跳过空行
+    [[ -z "$line" ]] && continue
+    
+    # 匹配类似 @PKG_NAME@=amber-ce-bookworm 的格式
+    if [[ "$line" =~ ^@(.*)@=(.*)$ ]]; then
+        key="${BASH_REMATCH[1]}"
+        val="${BASH_REMATCH[2]}"
+        replacements["$key"]="$val"
+    fi
+done < "$config_file"
+
+########################################
+# 第一步：文本文件内容替换
+########################################
+# 定义一个函数来判断文件是否是文本文件（示例仅供参考）
+is_text_file() {
+    local f="$1"
+    file --mime-type "$f" | grep -q "text/"
+}
+
+# 查找所有文件，逐一判断是否文本类型，如果是则进行内容替换
+find "$target_dir" -type f -print0 | while IFS= read -r -d '' file; do
+    if is_text_file "$file"; then
+        for key in "${!replacements[@]}"; do
+            # 用 sed 对文件内容进行替换
+            sed -i "s|@$key@|${replacements[$key]}|g" "$file"
+        done
+    fi
+done
+
+########################################
+# 第二步：先重命名文件
+########################################
+find "$target_dir" -type f -print0 | while IFS= read -r -d '' file; do
+    # 拆分目录和文件名
+    dir_path="$(dirname "$file")"
+    filename="$(basename "$file")"
+
+    newfilename="$filename"
+    for key in "${!replacements[@]}"; do
+        newfilename="${newfilename//@$key@/${replacements[$key]}}"
+    done
+
+    # 如果新文件名和原文件名不同，则执行重命名
+    if [[ "$newfilename" != "$filename" ]]; then
+        mv -v "$file" "$dir_path/$newfilename"
+    fi
+done
+
+########################################
+# 第三步：再重命名目录（由浅到深）
+########################################
+# 先按目录层级进行排序（层数少的先处理）
+# awk -F/ '{print NF, $0}' 会将路径按 / 分割并统计层数，然后 sort -n 升序，层数越小越先处理
+find "$target_dir" -type d | awk -F/ '{print NF, $0}' | sort -n | cut -d' ' -f2- | while IFS= read -r dir; do
+    # 如果要连同最顶层目录一起改名，可以保留；若不需要改最顶层，可以加条件跳过
+    # [ "$dir" = "$target_dir" ] && continue  # 如需跳过顶层可取消注释
+
+    parent_path="$(dirname "$dir")"
+    dirname_only="$(basename "$dir")"
+
+    newdirname="$dirname_only"
+    for key in "${!replacements[@]}"; do
+        newdirname="${newdirname//@$key@/${replacements[$key]}}"
+    done
+
+    # 需要改名则执行
+    if [[ "$newdirname" != "$dirname_only" ]]; then
+        mv -v "$dir" "$parent_path/$newdirname"
+    fi
+done
+    
+
+echo "处理完成！"
@@ -0,0 +1,7 @@
+#!/bin/bash
+HERE=$(dirname $(realpath $0))
+rm -fr pkg
+cp -r src pkg
+${HERE}/build.sh pkg
+fakeroot dpkg-deb -b -Z xz pkg/ .
+rm -fr pkg
@@ -0,0 +1,3 @@
+{ pkgs ? import <nixpkgs> { } }:
+
+pkgs.callPackage ./nix/package.nix { }
@@ -0,0 +1,123 @@
+# NixOS 构建与本地测试
+
+本仓库提供了实验性的 Nix 打包文件，可用于在 NixOS 上本地构建和测试 APM。
+
+## 本地构建
+
+在仓库根目录执行：
+
+```bash
+nix-build default.nix
+```
+
+构建成功后会生成 `result` 符号链接，可先做基础命令测试：
+
+```bash
+./result/bin/apm --version
+./result/bin/apm --help
+./result/bin/amber-pm-init-state --help
+```
+
+如果使用 Flake，也可以执行：
+
+```bash
+nix build .#amber-pm
+nix flake check
+```
+
+## 初始化本地状态目录
+
+APM 需要可写的 `/var/lib/apm` 目录保存自身运行环境和已安装应用。Nix 包中的文件位于只读 Nix store，因此首次测试前需要初始化状态目录：
+
+```bash
+sudo ./result/bin/amber-pm-init-state
+```
+
+如需用新构建结果覆盖 APM 自身文件，可执行：
+
+```bash
+sudo ./result/bin/amber-pm-init-state --force
+```
+
+`--force` 会原地覆盖 `/var/lib/apm/apm` 中的 APM 自身文件，不会移动、备份或删除整个 `/var/lib/apm/apm` 目录，以免影响已经安装在该目录下的 APM 应用。
+
+随后初始化内置 AmberCE 环境：
+
+```bash
+sudo /var/lib/apm/apm/files/bin/ace-init
+```
+
+完成后可继续测试：
+
+```bash
+./result/bin/apm debug
+./result/bin/apm update
+./result/bin/apm search amber-pm-
+```
+
+## 作为 NixOS Module 使用
+
+可在 NixOS 配置中引入本仓库的 module：
+
+```nix
+{ pkgs, ... }:
+{
+  imports = [
+    /path/to/amber-pm/nix/module.nix
+  ];
+
+  nixpkgs.overlays = [
+    (final: prev: {
+      amber-pm = final.callPackage /path/to/amber-pm/nix/package.nix { };
+    })
+  ];
+
+  programs.amber-pm.enable = true;
+}
+```
+
+然后执行：
+
+```bash
+sudo nixos-rebuild switch
+```
+
+该 module 会将 `amber-pm` 加入 `environment.systemPackages`，并在系统激活时初始化 `/var/lib/apm/apm`。APM 使用 bwrap 与 fuse-overlayfs，module 默认会设置 `kernel.apparmor_restrict_unprivileged_userns = 0`，并启用 `nix-ld` 以提高兼容性。
+
+## NUR/nixpkgs 打包复用
+
+`nix/package.nix` 支持外部传入 `version` 和 `src`，因此 NUR 或 nixpkgs 中可以复用同一个表达式，不必依赖本地源码路径。
+
+NUR 仓库中的示例：
+
+```nix
+{ pkgs ? import <nixpkgs> { } }:
+
+{
+  amber-pm = pkgs.callPackage ./pkgs/amber-pm {
+    version = "1.3.4.0";
+    src = pkgs.fetchFromGitHub {
+      owner = "amber-ce";
+      repo = "amber-pm";
+      rev = "v1.3.4.0";
+      hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
+    };
+  };
+}
+```
+
+nixpkgs 中的包通常应放在类似路径：
+
+```text
+pkgs/by-name/am/amber-pm/package.nix
+```
+
+提交 nixpkgs 前建议先满足以下条件：
+
+- 使用正式 tag 或 release，不使用本地路径作为源码。
+- 固定 `src.hash`。
+- 本地通过 `nix-build -A amber-pm` 或 `nix build .#amber-pm`。
+- 确认 `apm --version`、`apm --help`、`amber-pm-init-state --help` 正常。
+- `meta` 中填写 license、homepage、platforms 和 maintainers。
+
+当前 NixOS 适配仍偏测试用途。建议先发布到 NUR 收集测试反馈，再投 nixpkgs。
@@ -0,0 +1,50 @@
+{
+  description = "Amber Package Manager packaged for NixOS testing";
+
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+
+  outputs =
+    { self, nixpkgs }:
+    let
+      systems = [
+        "x86_64-linux"
+        "aarch64-linux"
+        "loongarch64-linux"
+      ];
+      forAllSystems = nixpkgs.lib.genAttrs systems;
+    in
+    {
+      packages = forAllSystems (
+        system:
+        let
+          pkgs = import nixpkgs { inherit system; };
+        in
+        {
+          amber-pm = pkgs.callPackage ./nix/package.nix { };
+          default = self.packages.${system}.amber-pm;
+        }
+      );
+
+      checks = forAllSystems (
+        system:
+        let
+          pkgs = import nixpkgs { inherit system; };
+          amber-pm = self.packages.${system}.amber-pm;
+        in
+        {
+          cli-smoke = pkgs.runCommand "amber-pm-cli-smoke" { } ''
+            ${amber-pm}/bin/apm --version
+            ${amber-pm}/bin/apm --help >/dev/null
+            ${amber-pm}/bin/amber-pm-init-state --help >/dev/null
+            touch "$out"
+          '';
+        }
+      );
+
+      nixosModules.default = import ./nix/module.nix;
+
+      overlays.default = final: prev: {
+        amber-pm = final.callPackage ./nix/package.nix { };
+      };
+    };
+}
@@ -0,0 +1,34 @@
+玲珑官方搞了个这玩意，APM用户这边有人想要那我就写了，其实意义不大
+
+好用就完了，APM又快又简单
+
+| 特性                      | 如意玲珑                        | 琥珀 APM       | Snap             | AppImage                               |
+| ------------------------- | ------------------------------- | ------------- | ---------------- | -------------------------------------- |
+| 打包桌面应用              | ✔                              | ✔            | ✔               | ✔                                     |
+| 打包终端应用              | ✔                              | ✔            | ✔               | ✔                                     |
+| 处理服务器应用            | ✔                              | ✔            | ✔               | ✘                                      |
+| 打包系统服务（root 权限） | ✘                               | ✘             | ✔               | ✘                                      |
+| 主题功能正常              | ✔                              | ✔            | ✔               | ✔                                     |
+| 提供库托管服务            | ✔                              | ✔             | ✘                | ✘                                      |
+| 库/依赖来源               | 包自身携带                      | 包自身携带或使用 APM 中层 Base,用法详见[链接](https://bbs.deepin.org.cn/post/292648)              |                  |                                        |
+| SDK                       | 包自身携带                      |  无需专用SDK，复用Debian即可  |                  |                                        |
+| 商业支持                  | ✔                              | ✘             | ✔               | ✘                                      |
+| 应用商店数量              | 预计 4700+                      | 200+常用软件，持续扩充中         | 6600+            | 1300+                                  |
+| 开发工具支持              | linglong-builder                | 任意支持部署到debian的工具均支持 | electron-builder |                                        |
+| 容器支持                  | ✔                              | ✔            | ✔               | ◐ （官方不提供，技术上可行）           |
+| rootless 容器             | ✔                              | ✔             | ✘                | ✘                                      |
+| 不安装运行                | ✔ （提供 Bundle 模式）         | ◐ （官方不提供，技术上可行）             | ✘                | ✔                                     |
+| 不解压运行                | ✔ （提供 Bundle 模式）         | ◐ （官方不提供，技术上可行）             | ✔               | ✔                                     |
+| 自分发/绿色格式分发       | ✔                              | ◐ （官方不提供，技术上可行）             | ✘                | ✔                                     |
+| 支持 Wine 应用运行        | ✔                              | ✔  | ◐ （理论可行）   | ◐ （使用 LD 修改 open 调用，兼容性差） |
+| 离线环境支持              | ✔                              | ✔            | ✔               | ✔                                     |
+| 权限管理                  | ✔                              | ✘            | ✔               | ✘                                      |
+| 中心仓库                  | mirror-repo-linglong.deepin.com | 星火应用商店       | Snap Store       | AppImageHub                            |
+| 多版本共存                | ✔                              | ✔            | ✔               | ✔                                     |
+| 点对点分发                | ✔                              | ✔            | ✔               | ✔                                     |
+| 多镜像源加速分发               | ✘                              | ✔            | ✘               | ◐ （官方不提供，技术上可行）                                     |
+| 作为普通安装包直接安装到宿主机               | ✘                              | ✔            | ✘               | ✘                                     |
+| 自定义生成 runtime base               | ✘                              | ✔            | ✘               | ✘                                     |
+| 多级layer自动管理               | ◐ （理论可行）                              | ✔            | ✘               | ✘                                     |
+| 一键直接转换 Debian 标准软件包               |  ✘                              | ✔            | ✘               | ✘                                     |
+| 应用升级                  | 仓库升级                        | 仓库升级      | 仓库升级         | 官方工具升级                           |
@@ -0,0 +1,84 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  cfg = config.programs.amber-pm;
+  apmXdgDataDir = "/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir";
+
+  aceRuntimePath = lib.makeBinPath (with pkgs; [
+    bash
+    bubblewrap
+    coreutils
+    gawk
+    gnugrep
+    gnused
+    gnutar
+    sudo
+  ]);
+in
+{
+  options.programs.amber-pm = {
+    enable = lib.mkEnableOption "Amber Package Manager";
+
+    package = lib.mkPackageOption pkgs "amber-pm" { };
+
+    initializeState = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = "Create /var/lib/apm/apm during system activation when it does not already exist.";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    environment.systemPackages = [ cfg.package ];
+    environment.sessionVariables.XDG_DATA_DIRS = lib.mkAfter [ apmXdgDataDir ];
+    environment.etc."systemd/user-environment-generators/60-apm".source =
+      pkgs.writeShellScript "60-apm" ''
+        apm_xdg_data_dir=${lib.escapeShellArg apmXdgDataDir}
+        xdg_data_dirs="''${XDG_DATA_DIRS:-/usr/local/share:/usr/share}"
+
+        case ":$xdg_data_dirs:" in
+          *":$apm_xdg_data_dir:"*) ;;
+          *) xdg_data_dirs="$xdg_data_dirs:$apm_xdg_data_dir" ;;
+        esac
+
+        printf 'XDG_DATA_DIRS=%s\n' "$xdg_data_dirs"
+      '';
+
+    programs.nix-ld.enable = lib.mkDefault true;
+
+    boot.kernel.sysctl."kernel.apparmor_restrict_unprivileged_userns" = lib.mkDefault 0;
+
+    system.activationScripts.amber-pm-state = lib.mkIf cfg.initializeState ''
+      export PATH="${aceRuntimePath}:$PATH"
+      target="/var/lib/apm/apm"
+      version_file="$target/.amber-pm-version"
+      current_version="${cfg.package.version}"
+
+      if [ ! -e "$target" ]; then
+        echo "APM state directory not found, initializing..."
+        ${cfg.package}/bin/amber-pm-init-state
+        echo "Running ace-init for first-time setup..."
+        /var/lib/apm/apm/files/bin/ace-init
+      elif [ -f "$version_file" ]; then
+        stored_version="$(cat "$version_file")"
+        if [ "$stored_version" != "$current_version" ]; then
+          echo "APM version changed ($stored_version -> $current_version), re-initializing..."
+          ${cfg.package}/bin/amber-pm-init-state --force
+          echo "Running ace-init..."
+          /var/lib/apm/apm/files/bin/ace-init
+        else
+          echo "APM version unchanged ($current_version), skipping ace-init."
+        fi
+      else
+        echo "No version file found, refreshing state and running ace-init..."
+        ${cfg.package}/bin/amber-pm-init-state --force
+        /var/lib/apm/apm/files/bin/ace-init
+      fi
+    '';
+  };
+}
@@ -0,0 +1,202 @@
+{
+  lib,
+  stdenvNoCC,
+  makeWrapper,
+  bash,
+  bubblewrap,
+  coreutils,
+  curl,
+  desktop-file-utils,
+  dpkg,
+  fakeroot,
+  file,
+  findutils,
+  fuse-overlayfs,
+  gawk,
+  glib,
+  gnugrep,
+  gnused,
+  gzip,
+  libnotify,
+  procps,
+  sudo,
+  systemd,
+  gnutar,
+  util-linux,
+  which,
+  xdg-user-dirs,
+  xz,
+  zenity,
+  version ? "1.3.4.0",
+  sourceRoot ? ../.,
+  src ? lib.cleanSourceWith {
+    src = sourceRoot;
+    filter =
+      path: type:
+      let
+        base = baseNameOf path;
+      in
+      ! lib.elem base [
+        ".git"
+        "result"
+      ];
+  },
+}:
+
+let
+  runtimePath = lib.makeBinPath [
+    bash
+    bubblewrap
+    coreutils
+    curl
+    desktop-file-utils
+    dpkg
+    fakeroot
+    file
+    findutils
+    fuse-overlayfs
+    gawk
+    glib
+    gnugrep
+    gnused
+    gzip
+    libnotify
+    procps
+    sudo
+    systemd
+    gnutar
+    util-linux
+    which
+    xdg-user-dirs
+    xz
+    zenity
+  ];
+in
+stdenvNoCC.mkDerivation {
+  pname = "amber-pm";
+  inherit version;
+
+  inherit src;
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  dontConfigure = true;
+  dontBuild = true;
+
+  installPhase = ''
+    runHook preInstall
+
+    echo "copying Debian-style install tree"
+    mkdir -p "$out"
+    cp -a src/* "$out"/
+
+    rm -f "$out/usr/bin/apm" \
+      "$out/usr/bin/amber-pm-debug" \
+      "$out/usr/bin/amber-pm-configure-nvidia"
+
+    echo "substituting version and store paths"
+    substituteInPlace "$out/usr/libexec/apm/apm-main" \
+      --replace-fail '@VERSION@' '${version}' \
+      --replace-fail '/usr/libexec/apm/apm-eggs' "$out/usr/libexec/apm/apm-eggs"
+
+    while IFS= read -r -d "" file; do
+      if grep -Iq '@VERSION@' "$file" && grep -q '@VERSION@' "$file"; then
+        sed -i 's|@VERSION@|${version}|g' "$file"
+      fi
+    done < <(find "$out/usr" "$out/etc" -type f -print0)
+
+    echo "patching host script shebangs"
+    patchShebangs "$out/usr/bin" "$out/usr/libexec"
+    patchShebangs \
+      "$out/var/lib/apm/apm/files/ace-run" \
+      "$out/var/lib/apm/apm/files/ace-run-pkg" \
+      "$out/var/lib/apm/apm/files/bin/ace-init" \
+      "$out/var/lib/apm/apm/files/bin/ace-run" \
+      "$out/var/lib/apm/apm/files/bin/amber-ce-configure-nvidia" \
+      "$out/var/lib/apm/apm/files/build-container.sh" \
+      "$out/var/lib/apm/apm/files/feedback.sh" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/ace-upgrader/ace-upgrader" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/container-init/init.sh" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/apm-debug" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/bwrap" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/gio" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/pkexec" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/sudo" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/xdg-open"
+
+    echo "installing wrappers"
+    mkdir -p "$out/bin" "$out/share/amber-pm/var-lib-apm"
+    ln -s /var/lib/apm/apm/files/bin/ace-run "$out/bin/amber-pm-debug"
+    ln -s /var/lib/apm/apm/files/bin/amber-ce-configure-nvidia "$out/bin/amber-pm-configure-nvidia"
+
+    for prog in "$out"/usr/bin/*; do
+      if [ -f "$prog" ] || [ -L "$prog" ]; then
+        name="$(basename "$prog")"
+        if [ "$name" != apm ] \
+          && [ "$name" != amber-pm-debug ] \
+          && [ "$name" != amber-pm-configure-nvidia ]; then
+          makeWrapper "$prog" "$out/bin/$name" \
+            --prefix PATH : "$out/bin:${runtimePath}"
+        fi
+      fi
+    done
+
+    cp -a "$out/var/lib/apm/apm" "$out/share/amber-pm/var-lib-apm/apm"
+    rm -rf "$out/var"
+
+    makeWrapper "$out/usr/libexec/apm/apm-main" "$out/bin/apm" \
+      --prefix PATH : "$out/bin:${runtimePath}"
+
+    cat > "$out/bin/amber-pm-init-state" <<'EOF'
+#!@bash@/bin/bash
+set -euo pipefail
+
+if [ "''${1:-}" = "--help" ]; then
+  echo "Usage: amber-pm-init-state [--force]"
+  echo "Initializes /var/lib/apm/apm from the Nix store seed."
+  exit 0
+fi
+
+if [ "$(id -u)" != 0 ]; then
+  echo "amber-pm-init-state must be run as root because it writes /var/lib/apm" >&2
+  exit 1
+fi
+
+seed="@out@/share/amber-pm/var-lib-apm/apm"
+target="/var/lib/apm/apm"
+
+mkdir -p /var/lib/apm
+if [ -e "$target" ] && [ "''${1:-}" != "--force" ]; then
+  echo "$target already exists; leaving it untouched."
+  echo "Run 'amber-pm-init-state --force' to refresh APM's own files."
+  exit 0
+fi
+
+mkdir -p "$target"
+cp -a "$seed"/. "$target"/
+echo '@version@' > "$target/.amber-pm-version"
+chmod -R u+rwX "$target"
+echo "Initialized $target"
+echo "Next step: run '/var/lib/apm/apm/files/bin/ace-init' as root, or run 'apm --help' for CLI smoke testing."
+EOF
+    substituteInPlace "$out/bin/amber-pm-init-state" \
+      --replace-fail '@bash@' '${bash}' \
+      --replace-fail '@out@' "$out" \
+      --replace-fail '@version@' '${version}'
+    chmod +x "$out/bin/amber-pm-init-state"
+
+    runHook postInstall
+  '';
+
+  meta = {
+    description = "bwrap and fuse-overlayfs based package manager for Debian-style application containers";
+    homepage = "https://gitee.com/amber-ce/amber-pm/";
+    license = lib.licenses.gpl3Only;
+    platforms = [
+      "x86_64-linux"
+      "aarch64-linux"
+      "loongarch64-linux"
+    ];
+    maintainers = [ ];
+  };
+}
@@ -0,0 +1,14 @@
+Package: apm
+Source: amber-ce
+Version: @VERSION@
+Architecture: amd64
+Maintainer: shenmo <shenmo@spark-app.store>
+Installed-Size: 49388
+Depends: zenity | garma,bubblewrap, flatpak,  policykit-1 | pkexec | polkit-1 | polkit, systemd, procps,coreutils,fuse-overlayfs,xz-utils | xz,libnotify-bin,curl,xdg-user-dirs,bash
+Recommends: dpkg, fakeroot, busybox
+Section: misc
+Conflicts: ace-host-integration
+Priority: optional
+Multi-Arch: foreign
+Homepage: https://gitee.com/amber-ce/amber-pm/
+Description: bwrap wrapper for install and running debs inside a Amber-PM container
@@ -0,0 +1,35 @@
+#!/bin/bash
+export PACKAGE_NAME="$DPKG_MAINTSCRIPT_PACKAGE"
+
+
+case "$1" in
+	configure)
+/var/lib/apm/$PACKAGE_NAME/files/bin/ace-init
+systemctl daemon-reload
+systemctl enable apm-daily-update
+systemctl start apm-daily-update
+systemctl restart apparmor.service || true
+mkdir -p /etc/apparmor.d/disable/
+ln -sv /etc/apparmor.d/bwrap-userns-restrict /etc/apparmor.d/disable/
+
+        if [ -f /usr/lib/sysctl.d/apm.conf ];then
+                sysctl -p /usr/lib/sysctl.d/apm.conf
+        fi
+systemctl reload apparmor
+		# Send statistics data
+		/var/lib/apm/apm/files/feedback.sh &
+        ln -sv / /host
+		amber-pm-dstore-patch
+
+;;
+	triggered)
+		      amber-pm-configure-nvidia-host
+            amber-pm-dstore-patch
+
+	;;
+esac
+
+
+
+
+true
@@ -0,0 +1,28 @@
+#!/bin/bash
+PACKAGE_NAME="$DPKG_MAINTSCRIPT_PACKAGE"
+systemctl stop apm-daily-update
+systemctl disable apm-daily-update
+
+
+
+if [ "$1" = "remove" ] || [ "$1" = "purge" ];then
+
+echo "清理卸载残留"
+
+rm -rf /var/lib/apm/
+for username in $(ls /home)
+    do
+        echo /home/$username
+        if [ -d "/home/$username/.apm/" ]
+        then
+            rm -fr "/home/$username/.apm/"
+        fi
+done
+
+
+else
+echo "非卸载，跳过清理"
+fi
+
+
+
@@ -0,0 +1 @@
+interest-noawait /var/lib/apm
@@ -0,0 +1,17 @@
+
+
+
+
+# Ensure base distro defaults xdg path are set if nothing filed up some
+# defaults yet.
+if [ -z "$XDG_DATA_DIRS" ]; then
+    export XDG_DATA_DIRS="/usr/local/share:/usr/share"
+fi
+
+# Desktop files (used by desktop environments within both X11 and Wayland) are
+# looked for in XDG_DATA_DIRS; make sure it includes the relevant directory for ACE
+ACE_path="/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/"
+if [ -n "${XDG_DATA_DIRS##*${ACE_path}}" ] && [ -n "${XDG_DATA_DIRS##*${ACE_path}:*}" ]; then
+    export XDG_DATA_DIRS="${XDG_DATA_DIRS}:${ACE_path}"
+fi
+
@@ -0,0 +1,9 @@
+abi <abi/4.0>,
+include <tunables/global>
+
+profile bwrap /usr/bin/bwrap flags=(unconfined) {
+  userns,
+
+  # Site-specific additions and overrides. See local/README for details.
+  include if exists <local/bwrap>
+}
@@ -0,0 +1,2 @@
+deb [signed-by=/etc/apt/trusted.gpg.d/apm.gpg] https://d.spark-app.store/apm-deb-source /
+# 上面这行配置可在4.1.2+版本普及后启用，可以做到分不同目录
@@ -0,0 +1,16 @@
+
+
+
+# Ensure base distro defaults xdg path are set if nothing filed up some
+# defaults yet.
+if [ -z "$XDG_DATA_DIRS" ]; then
+    export XDG_DATA_DIRS="/usr/local/share:/usr/share"
+fi
+
+# Desktop files (used by desktop environments within both X11 and Wayland) are
+# looked for in XDG_DATA_DIRS; make sure it includes the relevant directory for ACE
+ACE_path="/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/"
+if [ -n "${XDG_DATA_DIRS##*${ACE_path}}" ] && [ -n "${XDG_DATA_DIRS##*${ACE_path}:*}" ]; then
+    export XDG_DATA_DIRS="${XDG_DATA_DIRS}:${ACE_path}"
+fi
+
@@ -0,0 +1,427 @@
+#!/bin/bash
+
+# APM Addons 包创建工具 - 用于创建可在 base 上叠加的 addons 层
+log.warn()  { echo -e "[\e[33mWARN\e[0m]:  \e[1m$*\e[0m"; }
+log.error() { echo -e "[\e[31mERROR\e[0m]: \e[1m$*\e[0m"; }
+log.info()  { echo -e "[\e[96mINFO\e[0m]:  \e[1m$*\e[0m"; }
+log.debug() { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
+
+SCRIPT_NAME=$(basename "$0")
+
+if ! command -v dpkg > /dev/null ; then
+    log.error "若想使用APM addons包创建工具，您需先安装dpkg"
+    exit 1
+fi
+
+# 显示用法信息
+usage() {
+    echo "用法: $SCRIPT_NAME --base <base-name> [--manual] [--pkgname <包名>] [--version <版本>] [deb文件路径]"
+    echo ""
+    echo "参数说明:"
+    echo "  --base       必填参数，指定基础环境名称（addons 将叠加在此 base 上）"
+    echo "  --manual     启用手动模式：融合挂载后打开交互 shell，退出后脚本继续"
+    echo "  --pkgname    可选参数，指定新包的包名（默认格式：<base>-addons）"
+    echo "  --version    可选参数，指定新包的版本号（默认：1.0.0-apm）"
+    echo "  deb文件路径  可选参数，要安装到 addons 环境中的 Deb 文件路径"
+    echo ""
+    echo "示例:"
+    echo "  $SCRIPT_NAME --base amber-pm-bookworm"
+    echo "  $SCRIPT_NAME --base amber-pm-bookworm --manual"
+    echo "  $SCRIPT_NAME --base amber-pm-trixie --pkgname amber-pm-trixie-nvidia-addons --version 1.0.0"
+    echo "  $SCRIPT_NAME --base amber-pm-bookworm /path/to/nvidia-driver.deb"
+    echo ""
+    echo "说明: addons 包命名格式建议为 <base>-<描述>-addons"
+}
+
+# 解析参数
+BASE_NAME=""
+DEB_PATH=""
+PKGNAME=""
+VERSION=""
+MANUAL_MODE=false
+
+while [ $# -gt 0 ]; do
+    case "$1" in
+        --base)
+            if [ -z "$2" ]; then
+                log.error "--base 后需要跟名称"
+                usage
+                exit 1
+            fi
+            BASE_NAME="$2"
+            shift 2
+            ;;
+        --pkgname)
+            PKGNAME="$2"
+            shift 2
+            ;;
+        --version)
+            VERSION="$2"
+            shift 2
+            ;;
+        --manual)
+            MANUAL_MODE=true
+            shift
+            ;;
+        -*)
+            log.error "未知选项: $1"
+            usage
+            exit 1
+            ;;
+        *)
+            if [ -z "$DEB_PATH" ]; then
+                DEB_PATH="$1"
+                shift
+            else
+                log.error "未知参数或多余的参数: $1"
+                usage
+                exit 1
+            fi
+            ;;
+    esac
+done
+
+# 基本参数验证
+if [ -z "$BASE_NAME" ]; then
+    log.error "错误：必须提供 --base 参数"
+    usage
+    exit 1
+fi
+
+# 检查 base 是否存在
+BASE_DIR="/var/lib/apm/${BASE_NAME}"
+if [ ! -d "$BASE_DIR" ]; then
+    # 也检查 ace-env 内的路径
+    BASE_DIR_ALT="/var/lib/apm/apm/files/ace-env/var/lib/apm/${BASE_NAME}"
+    if [ -d "$BASE_DIR_ALT" ]; then
+        BASE_DIR="$BASE_DIR_ALT"
+    else
+        log.error "错误：基础环境不存在: $BASE_NAME"
+        exit 1
+    fi
+fi
+
+log.info "基础环境: $BASE_NAME"
+log.info "基础环境路径: $BASE_DIR"
+
+# 如果传入了 DEB_PATH，检查文件是否存在
+if [ -n "$DEB_PATH" ] && [ ! -f "$DEB_PATH" ]; then
+    log.error "错误：DEB文件不存在: $DEB_PATH"
+    exit 1
+fi
+
+# 1. 创建临时工作目录
+CRAFT_DIR="$HOME/apm-addons-craft-$$"
+log.info "创建临时工作目录: $CRAFT_DIR"
+mkdir -p "$CRAFT_DIR"/{core,work,mergedir,new-pkg}
+export CRAFT_DIR
+
+# 检查是否已挂载，避免重复挂载
+cleanup_mount() {
+    if mountpoint -q "$CRAFT_DIR/mergedir"; then
+        log.info "解除挂载: $CRAFT_DIR/mergedir"
+        sudo umount "$CRAFT_DIR/mergedir" || true
+    fi
+}
+
+# 清理函数
+cleanup() {
+    log.info "开始清理..."
+    cleanup_mount
+    if [ -d "$CRAFT_DIR" ]; then
+        log.info "删除临时目录: $CRAFT_DIR"
+        sudo rm -rf "$CRAFT_DIR"
+    fi
+}
+
+# 设置退出时清理
+trap cleanup EXIT
+
+# 2. 构建 lowerdir 路径（base + base 的现有 addons）
+log.info "构建 overlay lowerdir 路径..."
+LOWERDIRS=()
+
+# 添加 base 本身
+BASE_CORE_PATH="${BASE_DIR}/files/core"
+BASE_ACEENV_PATH="${BASE_DIR}/files/ace-env"
+
+if [ -d "$BASE_ACEENV_PATH" ]; then
+    log.info "使用 base ace-env 路径: $BASE_ACEENV_PATH"
+    LOWERDIRS+=("$BASE_ACEENV_PATH")
+elif [ -d "$BASE_CORE_PATH" ]; then
+    log.info "使用 base core 路径: $BASE_CORE_PATH"
+    LOWERDIRS+=("$BASE_CORE_PATH")
+else
+    log.error "错误：基础环境路径不存在: $BASE_NAME"
+    exit 1
+fi
+
+# 添加 base 已有的 addons
+_add_base_addons() {
+    local base_pkg_dir="$1"
+    local addon_file
+    local addon_name
+    local addon_dirs=()
+
+    # 读取 info_layer_addons 主文件
+    if [ -f "${base_pkg_dir}/info_layer_addons" ]; then
+        while IFS= read -r addon_name; do
+            [ -z "$addon_name" ] && continue
+            addon_dirs+=("$addon_name")
+        done < "${base_pkg_dir}/info_layer_addons"
+    fi
+
+    # 读取 info_layer_addons.d 目录
+    if [ -d "${base_pkg_dir}/info_layer_addons.d" ]; then
+        for addon_file in $(ls -1 "${base_pkg_dir}/info_layer_addons.d" 2>/dev/null | sort); do
+            addon_name="${addon_file#*-}"
+            [ -z "$addon_name" ] && continue
+            addon_dirs+=("$addon_name")
+        done
+    fi
+
+    local addon
+    for addon in "${addon_dirs[@]}"; do
+        local addon_path="/var/lib/apm/${addon}"
+        if [ ! -d "$addon_path" ]; then
+            addon_path="/var/lib/apm/apm/files/ace-env/var/lib/apm/${addon}"
+        fi
+
+        if [ -d "${addon_path}/files/ace-env" ]; then
+            log.info "  挂载已有 addon: $addon (ace-env)"
+            LOWERDIRS+=("${addon_path}/files/ace-env")
+        elif [ -d "${addon_path}/files/core" ]; then
+            log.info "  挂载已有 addon: $addon (core)"
+            LOWERDIRS+=("${addon_path}/files/core")
+        else
+            log.warn "已有 addon 路径不存在，跳过: $addon"
+        fi
+    done
+}
+
+_add_base_addons "$BASE_DIR"
+
+# 将 lowerdirs 数组用冒号连接
+LOWERDIR=$(IFS=:; echo "${LOWERDIRS[*]}")
+log.debug "最终 lowerdir: $LOWERDIR"
+
+# 3. 进行融合挂载
+log.info "正在进行融合挂载..."
+sudo fuse-overlayfs \
+    -o "lowerdir=$LOWERDIR,upperdir=$CRAFT_DIR/core/,workdir=$CRAFT_DIR/work/" \
+    "$CRAFT_DIR/mergedir"
+
+if ! mountpoint -q "$CRAFT_DIR/mergedir"; then
+    log.error "错误：融合挂载失败"
+    exit 1
+fi
+
+log.info "挂载完成: $CRAFT_DIR/mergedir"
+
+# 导出 chrootEnvPath 以便 ace-run-pkg 使用
+export chrootEnvPath="$CRAFT_DIR/mergedir"
+log.debug "已导出 chrootEnvPath=$chrootEnvPath"
+
+# 如果在手动模式下，立即打开交互 shell 并在退出后继续
+if [ "$MANUAL_MODE" = true ]; then
+    log.info "进入手动模式：将在融合挂载环境中打开交互 shell（使用 ace-run-pkg）。"
+    log.info "在 shell 中，您可以手动修改、测试安装或进行其他操作。退出 shell 后脚本将继续。"
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg bash --login || {
+        log.warn "ace-run-pkg shell 退出或出现错误，继续脚本..."
+    }
+    log.info "用户已退出手动 shell，脚本将继续。"
+
+    while true; do
+        echo ""
+        read -r -p "是否现在进行 addons 包的自动打包？ (y = 打包, r = 返回 shell, n = 跳过打包) [y/r/n]: " yn
+        case "$yn" in
+            y|Y)
+                break
+                ;;
+            r|R)
+                log.info "返回交互 shell（使用 ace-run-pkg）。退出 shell 后再次询问。"
+                sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg bash --login || true
+                ;;
+            n|N)
+                log.info "跳过自动打包。脚本结束。"
+                exit 0
+                ;;
+            *)
+                echo "请输入 y, r, 或 n。"
+                ;;
+        esac
+    done
+fi
+
+# 4. 如果有 DEB 文件，进行安装
+if [ -n "$DEB_PATH" ]; then
+    log.info "在融合环境中更新包列表..."
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg aptss update || log.warn "aptss update 返回非零状态，继续但请注意"
+
+    log.info "在融合环境中安装 DEB 包..."
+    if ! sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg ssaudit "$DEB_PATH" --native --no-create-desktop-entry ; then
+        log.error "错误：DEB 包安装失败（ssaudit）"
+        exit 1
+    fi
+    log.info "DEB 包安装完成（ssaudit）"
+fi
+
+# 清理 apt 缓存和包列表（无论是否有 DEB 文件或是否 manual 模式）
+log.info "清理 apt 缓存..."
+sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg aptss clean || true
+sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg rm -vfr /var/lib/apt/lists || true
+sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg rm -vfr /var/lib/aptss/lists || true
+sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg rm -vfr /var/cache/apt/archives/* || true
+
+# 5. 清理 .dpkg-new 文件
+log.info "搜索并清理 .dpkg-new 文件..."
+find "$CRAFT_DIR/core" -name "*.dpkg-new" 2>/dev/null | while read -r file; do
+    sudo rm -vfr "$file"
+done
+
+COUNT=$(find "$CRAFT_DIR/core" -name "*.dpkg-new" -type f 2>/dev/null | wc -l)
+if [ "$COUNT" -eq 0 ]; then
+    log.info "已清理所有 .dpkg-new 文件"
+else
+    log.warn "仍有 $COUNT 个 .dpkg-new 文件存在"
+fi
+
+# 6. 准备打包参数
+ORIG_ARCH="$(dpkg --print-architecture 2>/dev/null || echo "unknown")"
+
+# 确定包名
+if [ -z "$PKGNAME" ]; then
+    if [ "$MANUAL_MODE" = true ]; then
+        read -r -p "请输入要创建的 addons 包名 (建议格式: ${BASE_NAME}-<描述>-addons): " PKGNAME
+    else
+        if [ -n "$DEB_PATH" ]; then
+            DEB_PKG_NAME=$(dpkg-deb -f "$DEB_PATH" Package 2>/dev/null || echo "")
+            if [ -n "$DEB_PKG_NAME" ]; then
+                log.info "未指定包名，使用 Deb 包名生成默认格式: ${BASE_NAME}-${DEB_PKG_NAME}-addons"
+                PKGNAME="${BASE_NAME}-${DEB_PKG_NAME}-addons"
+            else
+                log.warn "无法读取 Deb 包名，使用默认格式: ${BASE_NAME}-addons"
+                PKGNAME="${BASE_NAME}-addons"
+            fi
+        else
+            log.warn "未指定包名，使用默认格式: ${BASE_NAME}-addons"
+            PKGNAME="${BASE_NAME}-addons"
+        fi
+    fi
+fi
+
+# 确定版本
+if [ -z "$VERSION" ]; then
+    if [ "$MANUAL_MODE" = true ]; then
+        read -r -p "请输入要创建的版本 (Version) [默认 1.0.0-apm]: " VERSION
+        VERSION="${VERSION:-1.0.0-apm}"
+    else
+        if [ -n "$DEB_PATH" ]; then
+            DEB_PKG_VERSION=$(dpkg-deb -f "$DEB_PATH" Version 2>/dev/null || echo "")
+            if [ -n "$DEB_PKG_VERSION" ]; then
+                log.info "未指定版本，使用 Deb 版本号: ${DEB_PKG_VERSION}"
+                VERSION="$DEB_PKG_VERSION"
+            else
+                log.warn "无法读取 Deb 版本号，使用默认版本: 1.0.0-apm"
+                VERSION="1.0.0-apm"
+            fi
+        else
+            log.warn "未指定版本，使用默认版本: 1.0.0-apm"
+            VERSION="1.0.0-apm"
+        fi
+    fi
+fi
+
+NEW_PKGNAME="$PKGNAME"
+NEW_VERSION="$VERSION"
+
+log.info "将使用的新包名: $NEW_PKGNAME"
+log.info "将使用的新版本: $NEW_VERSION"
+log.info "使用的架构: $ORIG_ARCH"
+
+# 7. 创建新的 addons 包结构
+log.info "创建新的 addons 包结构..."
+PKG_BUILD_DIR="$CRAFT_DIR/new-pkg"
+mkdir -p "$PKG_BUILD_DIR/DEBIAN"
+mkdir -p "$PKG_BUILD_DIR/var/lib/apm/$NEW_PKGNAME/files" 2>/dev/null || true
+
+# 写入 addons 自身的基础依赖信息，供 amber-pm-convert 识别并自动补依赖。
+echo "$BASE_NAME" > "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info"
+echo "$BASE_NAME" > "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info_addon_base"
+
+# 复制融合环境（core, work）到新的包内 files
+log.info "复制融合环境文件..."
+sudo cp -r "$CRAFT_DIR"/core "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/files/" 2>/dev/null || true
+sudo cp -r "$CRAFT_DIR"/work "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/files/" 2>/dev/null || true
+sudo chmod -R 755 "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/files/" 2>/dev/null || true
+
+# 将 addons 标记文件直接放入包内，由 dpkg 统一管理
+# 安装时自动释放到 base 的 info_layer_addons.d/，卸载时自动清理
+mkdir -p "$PKG_BUILD_DIR/var/lib/apm/${BASE_NAME}/info_layer_addons.d"
+echo "${NEW_PKGNAME}" > "$PKG_BUILD_DIR/var/lib/apm/${BASE_NAME}/info_layer_addons.d/50-${NEW_PKGNAME}"
+
+# 创建 postrm 脚本：卸载时清理包目录和用户目录残留
+# 注意：info_layer_addons.d 中的标记文件由 dpkg 自动删除，无需手动处理
+cat > "$PKG_BUILD_DIR/DEBIAN/postrm" << EOF
+#!/bin/bash
+PACKAGE_NAME="\$DPKG_MAINTSCRIPT_PACKAGE"
+
+if [ "\$1" = "remove" ] || [ "\$1" = "purge" ]; then
+    echo "清理卸载残留"
+    rm -rf "/var/lib/apm/\${PACKAGE_NAME}"
+    for username in \$(ls /home); do
+        if [ -d "/home/\${username}/.apm/\${PACKAGE_NAME}" ]; then
+            rm -fr "/home/\${username}/.apm/\${PACKAGE_NAME}"
+        fi
+    done
+else
+    echo "非卸载，跳过清理"
+fi
+EOF
+chmod +x "$PKG_BUILD_DIR/DEBIAN/postrm"
+
+# 8. 解除挂载（如果尚未解除）
+log.info "解除挂载..."
+cleanup_mount
+
+# 计算目录大小
+calculate_directory_size() {
+    local dir="$1"
+    if [ -d "$dir" ]; then
+        du -sk "$dir" | cut -f1
+    else
+        echo "0"
+    fi
+}
+
+# 创建 control 文件
+cat > "${PKG_BUILD_DIR}/DEBIAN/control" << EOF
+Package: $NEW_PKGNAME
+Version: $NEW_VERSION
+Architecture: $ORIG_ARCH
+Maintainer: APM Addons Maker <shenmo@spark-app.store>
+Depends: $BASE_NAME
+Installed-Size: $(calculate_directory_size "$PKG_BUILD_DIR")
+Description: APM addons package for ${BASE_NAME}
+  This package provides additional layers for the ${BASE_NAME} environment.
+  Addons type: ${NEW_PKGNAME#${BASE_NAME}-}
+EOF
+
+# 9. 打包并生成输出文件名
+OUTPUT_DEB="${NEW_PKGNAME}_${NEW_VERSION}_${ORIG_ARCH}.deb"
+log.info "开始使用 fakeroot 打包: $OUTPUT_DEB"
+fakeroot dpkg-deb -Z xz --build "$PKG_BUILD_DIR" "$OUTPUT_DEB" || {
+    log.error "错误：打包 addons 包失败"
+    exit 1
+}
+
+log.info "Addons 包创建完成！"
+log.info "生成的包: $OUTPUT_DEB"
+log.info "包名: $NEW_PKGNAME"
+log.info "版本: $NEW_VERSION"
+log.info "架构: $ORIG_ARCH"
+log.info "依赖: $BASE_NAME"
+log.info "说明: 安装后将在 ${BASE_NAME}/info_layer_addons.d/ 中注册此 addons"
+
+# 退出（trap 会触发 cleanup）
+exit 0
@@ -0,0 +1,84 @@
+#!/bin/bash
+
+# ===== 日志函数（简化版）=====
+log.info()  { echo "INFO: $*"; }
+log.warn()  { echo "WARN: $*"; }
+log.error() { echo "ERROR: $*"; }
+log.debug() { :; }  # APM 场景下可禁用 debug 日志
+
+# ===== APM 专用桌面文件扫描（单文件）=====
+function scan_apm_desktop_log() {
+    unset desktop_file_path
+    local pkg_name="$1"
+    local desktop_dir="/var/lib/apm/apm/files/ace-env/var/lib/apm/${pkg_name}/entries/applications"
+
+    [ -d "$desktop_dir" ] || return 1
+
+    while IFS= read -r -d '' path; do
+        [ -f "$path" ] || continue
+        if ! grep -q 'NoDisplay=true' "$path" 2>/dev/null; then
+            log.info "Found valid APM desktop file: $path"
+            export desktop_file_path="$path"
+            return 0
+        fi
+    done < <(find "$desktop_dir" -name "*.desktop" -type f -print0 2>/dev/null)
+
+    return 1
+}
+
+# ===== APM 专用桌面文件扫描（多文件列表）=====
+function scan_apm_desktop_list() {
+    local pkg_name="$1"
+    local desktop_dir="/var/lib/apm/apm/files/ace-env/var/lib/apm/${pkg_name}/entries/applications"
+    local result=""
+
+    [ -d "$desktop_dir" ] || { echo ""; return; }
+
+    while IFS= read -r -d '' path; do
+        [ -f "$path" ] || continue
+        if ! grep -q 'NoDisplay=true' "$path" 2>/dev/null; then
+            result+="${path},"
+        fi
+    done < <(find "$desktop_dir" -name "*.desktop" -type f -print0 2>/dev/null)
+
+    echo "${result%,}"
+}
+
+# ===== 启动应用 =====
+function launch_app() {
+    local desktop_path="${1#file://}"
+    local exec_cmd
+    shift  # 移除第一个参数（desktop_path），剩余的是要传递给应用的参数
+
+    # 提取并清理 Exec 行（移除字段代码如 %f %u 等）
+    exec_cmd=$(grep -m1 '^Exec=' "$desktop_path" | cut -d= -f2- | sed 's/%[fFuUdDnNickvm]*//g; s/^[[:space:]]*//; s/[[:space:]]*$//')
+    [ -z "$exec_cmd" ] && return 1
+
+    # 如果有额外参数，添加到命令中
+    if [ $# -gt 0 ]; then
+        log.info "Launching with arguments: $*"
+        exec_cmd="$exec_cmd $*"
+    fi
+
+    log.info "Launching: $exec_cmd"
+    ${SHELL:-bash} -c "$exec_cmd" 
+}
+
+# 导出函数供 ACE 环境调用
+export -f launch_app scan_apm_desktop_log scan_apm_desktop_list log.info log.error
+
+# ===== 主逻辑 =====
+[ $# -lt 1 ] && {
+    log.error "Usage: $0 <apm-package-name> [additional arguments...]"
+    exit 1
+}
+
+pkg_name="$1"
+shift  # 移除包名参数，剩余的都是要传递给应用的参数
+
+# 直接执行 launch 逻辑，并将剩余参数传递给 launch_app
+if scan_apm_desktop_log "$pkg_name" && launch_app "$desktop_file_path" "$@"; then
+    exit 0
+else
+    exit 1
+fi
@@ -0,0 +1,52 @@
+#!/bin/bash
+
+# ===== Log =====
+log.warn() { echo -e "[\e[33mWARN\e[0m]:  \e[1m$*\e[0m"; }
+log.error()  { echo -e "[\e[31mERROR\e[0m]: \e[1m$*\e[0m"; }
+log.info() { echo -e "[\e[96mINFO\e[0m]:  \e[1m$*\e[0m"; }
+log.debug()  { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
+
+# 获取原始用户（调用 pkexec 或 sudo 的用户）
+ORIGINAL_USER="${SUDO_USER:-$USER}"
+ORIGINAL_UID=$(id -u "$ORIGINAL_USER")
+ORIGINAL_DISPLAY="${DISPLAY:-:0}"
+ORIGINAL_XAUTHORITY="${XAUTHORITY:-$HOME/.Xauthority}"
+
+# 以原始用户身份运行图形界面命令
+function run_as_user() {
+    sudo -u "$ORIGINAL_USER" DISPLAY="$ORIGINAL_DISPLAY" XAUTHORITY="$ORIGINAL_XAUTHORITY" "$@"
+}
+
+function zenity() {
+    if [[ -e /usr/bin/garma ]]; then
+        run_as_user garma "$@"
+    else
+        run_as_user "$(command -v zenity)" "$@"
+    fi
+}
+
+function notify-send() {
+    local uid="$ORIGINAL_UID"
+    sudo -u "$ORIGINAL_USER" DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/${uid}/bus" zenity --notification --text="$@"
+}
+
+# 如果当前不是 root，则用 pkexec 重新执行并传递必要的环境变量
+if [ "$UID" != "0" ]; then
+    # 保存当前环境变量，通过 env 传递给 pkexec
+    exec pkexec "$0" "$@"
+    exit $?
+fi
+
+
+
+# 用户确认
+if zenity --question --text="即将卸载 $1\n请确认" --no-wrap; then
+    # 启动卸载命令（这里假设 apm 是系统命令，请根据实际情况调整）
+    # 注意：apm 可能不存在，可替换为 apt、dnf 等
+    apm autoremove "$1" -y
+    ret=$?
+
+
+fi
+
+notify-send "卸载完成"
@@ -0,0 +1 @@
+../../var/lib/apm/apm/files/bin/amber-ce-configure-nvidia
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+APM_BASE="/var/lib/apm"
+
+# 遍历 /var/lib/apm 下的所有目录
+for dir in "$APM_BASE"/*/; do
+    # 移除末尾的斜杠获取目录名
+    dirname=$(basename "$dir")
+    
+    # 跳过名为 "apm" 的目录
+    if [[ "$dirname" == "apm" ]]; then
+        continue
+    fi
+    
+    # 检查是否存在 /var/lib/apm/目录名/files/ace-env
+    if [[ -f "$dir/files/ace-env" ]]; then
+        echo "执行 apm-configure-nvidia: $dir"
+        amber-pm-configure-nvidia "$dir/files/ace-env"
+    fi
+    
+done
@@ -0,0 +1,940 @@
+#!/bin/bash
+
+# APM软件包转换器 - 将DEB包转换为APM格式
+log.warn()  { echo -e "[\e[33mWARN\e[0m]:  \e[1m$*\e[0m"; }
+log.error() { echo -e "[\e[31mERROR\e[0m]: \e[1m$*\e[0m"; }
+log.info()  { echo -e "[\e[96mINFO\e[0m]:  \e[1m$*\e[0m"; }
+log.debug() { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
+
+SCRIPT_NAME=$(basename "$0")
+
+is_nixos() {
+    [ -r /etc/os-release ] && . /etc/os-release && [ "${ID:-}" = "nixos" ]
+}
+
+if ! command -v dpkg > /dev/null ; then
+    log.error "若想使用APM软件包转换器，您需先安装dpkg"
+    exit 1
+fi
+
+# 显示用法信息
+usage() {
+    echo "用法: $SCRIPT_NAME [--manual] --base <basename> [basename ...] [--base <basename> ...] [--addons <addon-name> ...] <deb文件路径>"
+    echo "       或者在手动模式下不传入 DEB 文件： $SCRIPT_NAME --manual --base <basename> [basename ...] [--base <basename> ...]"
+    echo ""
+    echo "参数说明:"
+    echo "  --manual     启用手动模式：融合挂载后打开交互 shell，退出 shell 后脚本继续"
+    echo "  --basename   必填参数（非手动模式下），指定基础环境名称，可一次指定多个或多次使用"
+    echo "  --addons     可选参数，指定额外挂载的 addons 包名称，可多次使用"
+    echo "  deb文件路径  要转换的DEB文件路径（非手动且非空模式下必填）"
+    echo "  --pkgname    可选参数，指定新包的包名（默认使用原DEB包名）"
+    echo "  --version    可选参数，指定新包的版本号（默认在原版本后追加'-apm'）"
+    echo ""
+    echo "示例:"
+    echo "  $SCRIPT_NAME --base amber-pm-trixie /path/to/package.deb"
+    echo "  $SCRIPT_NAME --base amber-pm-trixie amber-pm-trixie-gxde-base /path/to/package.deb"
+    echo "  $SCRIPT_NAME --base amber-pm-trixie --addons amber-pm-trixie-nvidia-addons /path/to/package.deb"
+    echo "  $SCRIPT_NAME --manual --base amber-pm-trixie   # 只融合挂载并进入手动 shell"
+    echo "  $SCRIPT_NAME --manual --base amber-pm-trixie --pkgname newpkg --version 1.2.3 /path/to/package.deb"
+    echo ""
+    echo "说明: 最下层的base在最后面，从上到下写base"
+}
+
+# 解析参数
+BASENAMES=()        # 存放实际用于构建 overlay 的 base（可能会被递归添加）
+BASENAMES_ORIG=()   # 存放用户原始输入的 base 列表（用于 control 中 Depends 等）
+ADDONS=()           # 存放用户显式指定的 addons 包名
+SELECTED_ADDONS=()  # 存放本次转换要写入应用 info_layer_addons 的 addons
+DEB_PATH=""
+PKGNAME=""
+VERSION=""
+MANUAL_MODE=false
+
+# 简单参数解析（顺序敏感）
+while [ $# -gt 0 ]; do
+    case "$1" in
+        --base)
+            shift
+            if [ $# -eq 0 ] || [[ "$1" == -* ]]; then
+                log.error "--base 后需要跟名称"
+                usage
+                exit 1
+            fi
+            while [ $# -gt 0 ]; do
+                [[ "$1" == -* ]] && break
+                if [ -n "$DEB_PATH" ]; then
+                    log.error "未知参数或多余的参数: $1"
+                    usage
+                    exit 1
+                fi
+                if [ -f "$1" ]; then
+                    DEB_PATH="$1"
+                    shift
+                    break
+                fi
+                BASENAMES+=("$1")
+                BASENAMES_ORIG+=("$1")
+                shift
+            done
+            ;;
+        --addons)
+            if [ -z "$2" ]; then
+                log.error "--addons 后需要跟 addons 包名"
+                usage
+                exit 1
+            fi
+            ADDONS+=("$2")
+            SELECTED_ADDONS+=("$2")
+            shift 2
+            ;;
+        --pkgname)
+            PKGNAME="$2"
+            shift 2
+            ;;
+        --version)
+            VERSION="$2"
+            shift 2
+            ;;
+        --manual)
+            MANUAL_MODE=true
+            shift
+            ;;
+        -*)
+            log.error "未知选项: $1"
+            usage
+            exit 1
+            ;;
+        *)
+            # 非选项，视为 DEB 路径（只接受第一个非选项作为 DEB）
+            if [ -z "$DEB_PATH" ]; then
+                DEB_PATH="$1"
+                shift
+            else
+                log.error "未知参数或多余的参数: $1"
+                usage
+                exit 1
+            fi
+            ;;
+    esac
+done
+
+# 基本参数验证：
+# 如果不是手动模式，则至少需要一个 --base 和一个 deb 文件
+if [ "$MANUAL_MODE" = false ]; then
+    if [ ${#BASENAMES[@]} -eq 0 ] || [ -z "$DEB_PATH" ]; then
+        log.error "错误：非手动模式下至少需要一个 --base 参数 且 必须提供 DEB 文件路径"
+        usage
+        exit 1
+    fi
+else
+    # 手动模式下允许没有 DEB_FILE，但仍然要有至少一个 base
+    if [ ${#BASENAMES[@]} -eq 0 ]; then
+        log.error "错误：手动模式下仍需提供至少一个 --base 参数"
+        usage
+        exit 1
+    fi
+fi
+
+# 如果传入了 DEB_PATH，检查文件是否存在
+if [ -n "$DEB_PATH" ] && [ ! -f "$DEB_PATH" ]; then
+    log.error "错误：DEB文件不存在: $DEB_PATH"
+    exit 1
+fi
+
+log.info "开始转换（手动模式: $MANUAL_MODE）"
+log.info "基础环境数量: ${#BASENAMES_ORIG[@]}"
+for i in "${!BASENAMES_ORIG[@]}"; do
+    log.info "  原始基础环境 $((i+1)): ${BASENAMES_ORIG[$i]}"
+done
+
+if [ -n "$DEB_PATH" ]; then
+    log.info "目标 DEB: $DEB_PATH"
+else
+    log.info "未提供 DEB 文件，处于纯手动模式（手动修改/安装/打包）"
+fi
+
+# 1. 创建临时工作目录
+CRAFT_DIR="$HOME/apm-craft-$$"
+log.info "创建临时工作目录: $CRAFT_DIR"
+mkdir -p "$CRAFT_DIR"/{core,work,mergedir,modified_deb,extract,new-pkg}
+export CRAFT_DIR
+
+# 检查是否已挂载，避免重复挂载
+cleanup_mount() {
+    if mountpoint -q "$CRAFT_DIR/mergedir"; then
+        log.info "解除挂载: $CRAFT_DIR/mergedir"
+        sudo umount "$CRAFT_DIR/mergedir" || true
+    fi
+}
+
+# 清理函数
+cleanup() {
+    log.info "开始清理..."
+    cleanup_mount
+    if [ -d "$CRAFT_DIR" ]; then
+        log.info "删除临时目录: $CRAFT_DIR"
+        sudo rm -rf "$CRAFT_DIR"
+    fi
+}
+
+# 设置退出时清理
+trap cleanup EXIT
+
+# 辅助函数：追加数组项并去重
+_append_unique() {
+    local array_name="$1"
+    local item="$2"
+    [ -z "$item" ] && return
+
+    local existing
+    eval 'for existing in "${'"$array_name"'[@]}"; do
+        [ "$existing" = "$item" ] && return
+    done'
+    eval "$array_name"'+=("$item")'
+}
+
+_pkg_dir() {
+    local pkgname="$1"
+    local pkg_dir="/var/lib/apm/${pkgname}"
+    if [ ! -d "$pkg_dir" ]; then
+        pkg_dir="/var/lib/apm/apm/files/ace-env/var/lib/apm/${pkgname}"
+    fi
+    [ -d "$pkg_dir" ] && echo "$pkg_dir"
+}
+
+_is_addon_pkg() {
+    local pkg_dir
+    pkg_dir="$(_pkg_dir "$1")"
+    [ -n "$pkg_dir" ] && [ -f "${pkg_dir}/info_addon_base" ]
+}
+
+# 递归获取info文件中的依赖 (会把新依赖追加到 BASENAMES 数组中)
+get_recursive_basenames() {
+    local basename="$1"
+    # 注意：根据之前脚本结构，info 存放在 /var/lib/apm/apm/files/ace-env/var/lib/apm/<basename>/info
+    local base_dir="/var/lib/apm/apm/files/ace-env/var/lib/apm/$basename"
+    local info_file="$base_dir/info"
+
+    if [ -f "$info_file" ]; then
+        log.info "读取info文件: $info_file"
+        while IFS= read -r base; do
+            [[ -z "$base" ]] && continue
+            # 如果依赖的 base 没有被记录过，则递归添加
+            local found=false
+            for existing in "${BASENAMES[@]}"; do
+                if [ "$existing" = "$base" ]; then
+                    found=true
+                    break
+                fi
+            done
+            if [ "$found" = false ]; then
+                BASENAMES+=("$base")
+                get_recursive_basenames "$base"
+            fi
+        done < "$info_file"
+    else
+        log.info "未找到info文件，跳过: $info_file"
+    fi
+}
+
+BASE_INPUTS=("${BASENAMES[@]}")
+BASENAMES=()
+
+# 将 --base 中的 addons 转换为显式 addons，并把其 info 依赖的 base 加入 base 列表。
+for BASE in "${BASE_INPUTS[@]}"; do
+    if _is_addon_pkg "$BASE"; then
+        log.info "检测到 --base 指向 addons: $BASE"
+        _append_unique ADDONS "$BASE"
+        _append_unique SELECTED_ADDONS "$BASE"
+
+        addon_info="$(_pkg_dir "$BASE")/info"
+        if [ -f "$addon_info" ]; then
+            while IFS= read -r addon_base; do
+                [ -z "$addon_base" ] && continue
+                _append_unique BASENAMES "$addon_base"
+            done < "$addon_info"
+        else
+            log.warn "addons 缺少 info，无法自动补 base 依赖: $BASE"
+        fi
+    else
+        _append_unique BASENAMES "$BASE"
+    fi
+done
+
+BASENAMES_ORIG=("${BASENAMES[@]}")
+
+# 递归获取所有基础环境（从规范化后的 base 开始）
+for BASE in "${BASENAMES[@]}"; do
+    get_recursive_basenames "$BASE"
+done
+
+# 如果用户传了 DEB，则读取原包信息（否则跳过）
+if [ -n "$DEB_PATH" ]; then
+    log.info "检查原DEB包信息..."
+    ORIG_PKGNAME=$(dpkg -f "$DEB_PATH" Package 2>/dev/null || echo "")
+    ORIG_VERSION=$(dpkg -f "$DEB_PATH" Version 2>/dev/null || echo "")
+    ORIG_ARCH=$(dpkg -f "$DEB_PATH" Architecture 2>/dev/null || echo "")
+
+    log.info "原包名: ${ORIG_PKGNAME:-未知}"
+    log.info "原版本: ${ORIG_VERSION:-未知}"
+    log.info "原架构: ${ORIG_ARCH:-unknown}"
+else
+    ORIG_PKGNAME=""
+    ORIG_VERSION=""
+    ORIG_ARCH="$(dpkg --print-architecture 2>/dev/null || echo "unknown")"
+fi
+
+# 设置新包名和版本（若手动模式且未指定，则稍后询问）
+NEW_PKGNAME="${PKGNAME:-${ORIG_PKGNAME}}"
+NEW_VERSION="${VERSION:-${ORIG_VERSION}-apm}"
+
+log.info "将使用的新包名: ${NEW_PKGNAME:-<未指定>}"
+log.info "将使用的新版本: ${NEW_VERSION:-<未指定>}"
+log.info "使用的架构: $ORIG_ARCH"
+
+# 2. 构建 lowerdir 路径（多个 base 按顺序叠放，只包含本次显式选择的 addons）
+log.info "构建 overlay lowerdir 路径..."
+LOWERDIRS=()
+
+for BASENAME in "${BASENAMES[@]}"; do
+    ACE_ENV_PATH="/var/lib/apm/apm/files/ace-env/var/lib/apm/${BASENAME}/files/ace-env"
+    CORE_PATH="/var/lib/apm/apm/files/ace-env/var/lib/apm/${BASENAME}/files/core"
+
+    if [ -d "$ACE_ENV_PATH" ]; then
+        log.info "使用 ace-env 路径: $ACE_ENV_PATH"
+        LOWERDIRS+=("$ACE_ENV_PATH")
+    elif [ -d "$CORE_PATH" ]; then
+        log.info "使用 core 路径: $CORE_PATH"
+        LOWERDIRS+=("$CORE_PATH")
+    else
+        log.error "错误：基础环境路径不存在: $BASENAME"
+        log.error "  检查的路径: $ACE_ENV_PATH"
+        log.error "  检查的路径: $CORE_PATH"
+        exit 1
+    fi
+done
+
+# 追加本次显式选择的 addons（放在 bases 之上）
+for addon in "${ADDONS[@]}"; do
+    ADDON_PATH="/var/lib/apm/${addon}"
+    if [ ! -d "$ADDON_PATH" ]; then
+        ADDON_PATH="/var/lib/apm/apm/files/ace-env/var/lib/apm/${addon}"
+    fi
+
+    if [ -d "${ADDON_PATH}/files/ace-env" ]; then
+        log.info "使用显式 addon ace-env 路径: ${ADDON_PATH}/files/ace-env"
+        LOWERDIRS+=("${ADDON_PATH}/files/ace-env")
+    elif [ -d "${ADDON_PATH}/files/core" ]; then
+        log.info "使用显式 addon core 路径: ${ADDON_PATH}/files/core"
+        LOWERDIRS+=("${ADDON_PATH}/files/core")
+    else
+        log.error "错误：显式指定的 addon 路径不存在: $addon"
+        log.error "  检查的路径: ${ADDON_PATH}"
+        exit 1
+    fi
+done
+
+# 将 lowerdirs 数组用冒号连接
+LOWERDIR=$(IFS=:; echo "${LOWERDIRS[*]}")
+log.debug "最终 lowerdir: $LOWERDIR"
+
+# 3. 进行融合挂载
+log.info "正在进行融合挂载..."
+sudo fuse-overlayfs \
+    -o "lowerdir=$LOWERDIR,upperdir=$CRAFT_DIR/core/,workdir=$CRAFT_DIR/work/" \
+    "$CRAFT_DIR/mergedir"
+
+if ! mountpoint -q "$CRAFT_DIR/mergedir"; then
+    log.error "错误：融合挂载失败"
+    exit 1
+fi
+
+log.info "挂载完成: $CRAFT_DIR/mergedir"
+
+# 导出 chrootEnvPath 以便 ace-run-pkg 使用（并在需要时传递给 sudo -E）
+export chrootEnvPath="$CRAFT_DIR/mergedir"
+log.debug "已导出 chrootEnvPath=$chrootEnvPath"
+
+# 如果在手动模式下，立即打开交互 shell 并在退出后继续脚本
+if [ "$MANUAL_MODE" = true ]; then
+    log.info "进入手动模式：将在融合挂载环境中打开交互 shell（使用 ace-run-pkg）。"
+    log.info "在 shell 中，您可以手动修改、测试安装或进行其他操作。退出 shell 后脚本将继续。"
+    # 启动交互 shell，保留环境变量（使用 sudo -E）
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg bash --login || {
+        log.warn "ace-run-pkg shell 退出或出现错误，继续脚本..."
+    }
+    log.info "用户已退出手动 shell，脚本将继续。"
+    # 如果没有 DEB，询问是否要进行后续打包（允许返回 shell）
+    if [ -z "$DEB_PATH" ]; then
+        while true; do
+            echo ""
+            read -r -p "未提供 DEB 文件。是否现在进行新 APM 包的自动打包？ (y = 打包, r = 返回 shell, n = 跳过打包) [y/r/n]: " yn
+            case "$yn" in
+                y|Y)
+                    # 如果缺少包名或版本，交互询问
+                    if [ -z "$NEW_PKGNAME" ]; then
+                        read -r -p "请输入要创建的包名 (Package): " NEW_PKGNAME
+                    fi
+                    if [ -z "$NEW_VERSION" ] || [[ "$NEW_VERSION" == "-apm" ]]; then
+                        read -r -p "请输入要创建的版本 (Version): " NEW_VERSION
+                    fi
+                    break
+                    ;;
+                r|R)
+                    log.info "返回交互 shell（使用 ace-run-pkg）。退出 shell 后再次询问。"
+                    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg bash --login || true
+                    ;;
+                n|N)
+                    log.info "跳过自动打包。脚本结束。"
+                    exit 0
+                    ;;
+                *)
+                    echo "请输入 y, r, 或 n。"
+                    ;;
+            esac
+        done
+    fi
+fi
+
+# 到这里：非手动模式或手动模式退出后继续（如果是非手动并且有 DEB，继续原本流程）
+
+# 函数：查找并处理符号链接，返回实际文件路径
+resolve_symlink() {
+    local file="$1"
+    local target_dir="$2"
+    
+    if [ -L "$file" ]; then
+        # 获取符号链接目标
+        local target=$(readlink "$file")
+        
+        # 如果目标是绝对路径，则在目标目录中查找
+        if [[ "$target" == /* ]]; then
+            local resolved_path="$target_dir${target}"
+            if [ -f "$resolved_path" ]; then
+                echo "$resolved_path"
+                return 0
+            fi
+        else
+            # 相对路径，在符号链接所在目录解析
+            local link_dir=$(dirname "$file")
+            local resolved_path="$link_dir/$target"
+            if [ -f "$resolved_path" ]; then
+                echo "$resolved_path"
+                return 0
+            fi
+        fi
+    fi
+    
+    # 如果不是符号链接或解析失败，返回原文件
+    echo "$file"
+}
+
+# 函数：交互式选择文件复制到entries目录（用于手动模式无DEB情况）
+# 函数：交互式选择文件复制到entries目录（用于手动模式无DEB情况）
+interactive_copy_entries() {
+    local core_dir="$CRAFT_DIR/core"
+    local entries_dir="$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/entries"
+    
+    log.info "开始交互式选择文件复制到 entries 目录..."
+    mkdir -p "$entries_dir/applications" "$entries_dir/icons"
+    
+    # 查找桌面文件（保留完整路径）
+    local desktop_files=()
+    while IFS= read -r -d '' file; do
+        [[ -f "$file" ]] && desktop_files+=("$file")
+    done < <(find "$core_dir/usr/share" -name "*.desktop" -print0 2>/dev/null || true)
+    
+    # 查找图标文件（保留完整路径）
+    local icon_files=()
+    while IFS= read -r -d '' file; do
+        [[ -f "$file" ]] && icon_files+=("$file")
+    done < <(find "$core_dir/usr/share" \( -name "*.png" -o -name "*.svg" -o -name "*.xpm" \) -print0 2>/dev/null || true)
+    
+    # 处理桌面文件
+    if [ ${#desktop_files[@]} -gt 0 ]; then
+        log.info "找到 ${#desktop_files[@]} 个桌面文件:"
+        for i in "${!desktop_files[@]}"; do
+            local file="${desktop_files[$i]}"
+            # 显示完整路径（相对于 core_dir）
+            local relative_path="${file#$core_dir}"
+            echo "  $((i+1)). $relative_path"
+            
+            # 检查是否是符号链接
+            if [ -L "$file" ]; then
+                local target=$(readlink "$file")
+                echo "      → 符号链接指向: $target"
+                # 解析符号链接获取实际文件
+                local resolved_file=$(resolve_symlink "$file" "$core_dir")
+                if [ "$resolved_file" != "$file" ] && [ -f "$resolved_file" ]; then
+                    local resolved_relative="${resolved_file#$core_dir}"
+                    echo "      → 解析为: $resolved_relative"
+                    desktop_files[$i]="$resolved_file"
+                fi
+            fi
+        done
+        
+        echo ""
+        read -r -p "请选择要复制的桌面文件编号（多个用逗号分隔，all=全部，none=跳过）: " desktop_choice
+        
+        if [[ "$desktop_choice" =~ ^[Aa][Ll][Ll]$ ]]; then
+            # 复制所有桌面文件到 entries/applications，但保持目录结构
+            for file in "${desktop_files[@]}"; do
+                local relative_path="${file#$core_dir}"
+                local dest_filename=$(basename "$file")
+                
+                # 如果文件在 applications 目录下，直接复制到 entries/applications
+                if [[ "$relative_path" == /usr/share/applications/* ]]; then
+                    local dest_path="$entries_dir/applications/$dest_filename"
+                else
+                    # 其他位置的桌面文件，保持相对路径结构
+                    local path_dir=$(dirname "$relative_path")
+                    local dest_dir="$entries_dir/applications$path_dir"
+                    mkdir -p "$dest_dir"
+                    local dest_path="$dest_dir/$dest_filename"
+                fi
+                
+                cp -v "$file" "$dest_path"
+                
+                # 处理桌面文件内容
+                process_desktop_file "$dest_path" "$NEW_PKGNAME"
+            done
+        elif [[ ! "$desktop_choice" =~ ^[Nn][Oo][Nn][Ee]$ ]] && [ -n "$desktop_choice" ]; then
+            # 处理选择的文件
+            IFS=',' read -ra choices <<< "$desktop_choice"
+            for choice in "${choices[@]}"; do
+                choice=$(echo "$choice" | tr -d ' ')
+                if [[ "$choice" =~ ^[0-9]+$ ]] && [ "$choice" -ge 1 ] && [ "$choice" -le ${#desktop_files[@]} ]; then
+                    local idx=$((choice-1))
+                    local file="${desktop_files[$idx]}"
+                    local relative_path="${file#$core_dir}"
+                    local dest_filename=$(basename "$file")
+                    
+                    # 根据路径决定目标位置
+                    if [[ "$relative_path" == /usr/share/applications/* ]]; then
+                        local dest_path="$entries_dir/applications/$dest_filename"
+                    else
+                        local path_dir=$(dirname "$relative_path")
+                        local dest_dir="$entries_dir/applications$path_dir"
+                        mkdir -p "$dest_dir"
+                        local dest_path="$dest_dir/$dest_filename"
+                    fi
+                    
+                    cp -v "$file" "$dest_path"
+                    
+                    # 处理桌面文件内容
+                    process_desktop_file "$dest_path" "$NEW_PKGNAME"
+                else
+                    log.warn "无效的选择: $choice"
+                fi
+            done
+        else
+            log.info "跳过桌面文件复制"
+        fi
+    else
+        log.info "未找到桌面文件"
+    fi
+    
+    # 处理图标文件
+    if [ ${#icon_files[@]} -gt 0 ]; then
+        log.info "找到 ${#icon_files[@]} 个图标文件:"
+        for i in "${!icon_files[@]}"; do
+            local file="${icon_files[$i]}"
+            local relative_path="${file#$core_dir}"
+            echo "  $((i+1)). $relative_path"
+            
+            # 检查是否是符号链接
+            if [ -L "$file" ]; then
+                local target=$(readlink "$file")
+                echo "      → 符号链接指向: $target"
+                # 解析符号链接获取实际文件
+                local resolved_file=$(resolve_symlink "$file" "$core_dir")
+                if [ "$resolved_file" != "$file" ] && [ -f "$resolved_file" ]; then
+                    local resolved_relative="${resolved_file#$core_dir}"
+                    echo "      → 解析为: $resolved_relative"
+                    icon_files[$i]="$resolved_file"
+                fi
+            fi
+        done
+        
+        echo ""
+        read -r -p "请选择要复制的图标文件编号（多个用逗号分隔，all=全部，none=跳过）: " icon_choice
+        
+        if [[ "$icon_choice" =~ ^[Aa][Ll][Ll]$ ]]; then
+            # 复制所有图标文件到 entries/icons，保持目录结构
+            for file in "${icon_files[@]}"; do
+                local relative_path="${file#$core_dir}"
+                local dest_filename=$(basename "$file")
+                
+                # 如果文件在 icons 主题目录下，直接复制到 entries/icons
+                if [[ "$relative_path" == /usr/share/icons/* ]] || 
+                   [[ "$relative_path" == /usr/share/pixmaps/* ]]; then
+                    local dest_path="$entries_dir/icons/$dest_filename"
+                else
+                    # 其他位置的图标文件，保持相对路径结构
+                    local path_dir=$(dirname "$relative_path")
+                    local dest_dir="$entries_dir/icons$path_dir"
+                    mkdir -p "$dest_dir"
+                    local dest_path="$dest_dir/$dest_filename"
+                fi
+                
+                cp -v "$file" "$dest_path"
+            done
+        elif [[ ! "$icon_choice" =~ ^[Nn][Oo][Nn][Ee]$ ]] && [ -n "$icon_choice" ]; then
+            # 处理选择的文件
+            IFS=',' read -ra choices <<< "$icon_choice"
+            for choice in "${choices[@]}"; do
+                choice=$(echo "$choice" | tr -d ' ')
+                if [[ "$choice" =~ ^[0-9]+$ ]] && [ "$choice" -ge 1 ] && [ "$choice" -le ${#icon_files[@]} ]; then
+                    local idx=$((choice-1))
+                    local file="${icon_files[$idx]}"
+                    local relative_path="${file#$core_dir}"
+                    local dest_filename=$(basename "$file")
+                    
+                    # 根据路径决定目标位置
+                    if [[ "$relative_path" == /usr/share/icons/* ]] || 
+                       [[ "$relative_path" == /usr/share/pixmaps/* ]]; then
+                        local dest_path="$entries_dir/icons/$dest_filename"
+                    else
+                        local path_dir=$(dirname "$relative_path")
+                        local dest_dir="$entries_dir/icons$path_dir"
+                        mkdir -p "$dest_dir"
+                        local dest_path="$dest_dir/$dest_filename"
+                    fi
+                    
+                    cp -v "$file" "$dest_path"
+                else
+                    log.warn "无效的选择: $choice"
+                fi
+            done
+        else
+            log.info "跳过图标文件复制"
+        fi
+    else
+        log.info "未找到图标文件"
+    fi
+}
+
+
+
+# 函数：处理桌面文件内容
+# 函数：处理桌面文件内容（安全版本，避免重复处理）
+process_desktop_file() {
+    local desktop_file="$1"
+    local pkgname="$2"
+    local apm_exec_prefix="apm run $pkgname"
+
+    if is_nixos; then
+        apm_exec_prefix="/run/current-system/sw/bin/apm run $pkgname"
+    fi
+
+    # 新增：精确路径检查
+    local apps_path1="/usr/share/applications"
+    local apps_path2="/opt/apps/${ORIG_PKGNAME}/entries/applications"
+    local apps_path3="/usr/local/share/applications"
+    
+    if [[ ! "$desktop_file" =~ ^.*${apps_path1}/.*\.desktop$ ]] && 
+       [[ ! "$desktop_file" =~ ^.*${apps_path2}/.*\.desktop$ ]] &&
+       [[ ! "$desktop_file" =~ ^.*${apps_path3}/.*\.desktop$ ]]; then
+        log.debug "跳过非应用程序 desktop 文件: $desktop_file"
+        return 0
+    fi
+    
+    log.info "处理桌面文件: $desktop_file"
+    
+    # 检查文件是否已经处理过（避免重复添加 apm run）
+    if grep -q "^Exec=${apm_exec_prefix} " "$desktop_file"; then
+        log.info "桌面文件已经处理过，跳过: $desktop_file"
+        return 0
+    fi
+    
+    # 检查是否有其他包的 apm run 前缀（清理旧的）
+    if grep -Eq "^Exec=(/run/current-system/sw/bin/)?apm run [^ ]* " "$desktop_file"; then
+        log.info "发现旧的 apm run 前缀，清理后重新添加"
+        # 移除所有 apm run 前缀
+        sed -i -E "s|^Exec=(/run/current-system/sw/bin/)?apm run [^ ]* |Exec=|" "$desktop_file"
+    fi
+    
+    # 尝试用 busybox dos2unix（若不存在则跳过转换）
+    if command -v busybox >/dev/null 2>&1; then
+        busybox dos2unix "$desktop_file" 2>/dev/null || true
+    else
+        dos2unix "$desktop_file" 2>/dev/null || true
+    fi
+    
+    # 处理 Exec 行：在原有命令前追加 apm run $pkgname
+    if grep -q '^Exec=' "$desktop_file"; then
+        sed -i "s|^Exec=\(.*\)$|Exec=${apm_exec_prefix} \1|" "$desktop_file"
+    fi
+    
+    # 删除 TryExec 行
+    if grep -q '^TryExec=' "$desktop_file"; then
+        sed -i '/^TryExec=/d' "$desktop_file"
+        log.info "已删除 TryExec 行"
+    fi
+    
+    # 处理 Icon 路径（若以 / 开头）
+    if grep -q '^Icon=/' "$desktop_file"; then
+        sed -i "s|^Icon=/|Icon=/var/lib/apm/apm/files/ace-env/var/lib/apm/$pkgname/files/core/|" "$desktop_file"
+    fi
+    
+    # 添加 X-APM-APPID（如果不存在）
+    if ! grep -q "X-APM-APPID" "$desktop_file"; then
+        echo "" >> "$desktop_file"
+        echo "X-APM-APPID=$pkgname" >> "$desktop_file"
+    fi
+    
+    # 检查修改结果并打印调试
+    if grep -q "apm run $pkgname" "$desktop_file"; then
+        log.info "桌面文件修改成功: $desktop_file"
+    else
+        log.warn "桌面文件可能未正确修改: $desktop_file"
+    fi
+}
+
+
+# 4. 如果有 DEB 文件，进行自动化的检查、解包与修改
+if [ -n "$DEB_PATH" ]; then
+
+    # 在融合环境中更新包列表并做 dry-run 检查（如果 ace-run-pkg aptss 可用）
+    log.info "在融合环境中测试安装 DEB 包（dry-run）..."
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg aptss update || log.warn "aptss update 返回非零状态，继续但请注意"
+    if ! sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg aptss install "$DEB_PATH" --dry-run ; then
+        log.error "错误：安装前检查失败，DEB包可能无法在基础环境中安装"
+        log.error "请检查依赖关系或基础环境是否兼容"
+        exit 1
+    fi
+    log.info "安装前检查通过，准备进行提取与修改..."
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg mkdir -p /var/cache/apt/archives/partial
+
+    # 提取 DEB 包内容并准备修改
+    log.info "提取并修改原DEB包..."
+    EXTRACT_DIR="$CRAFT_DIR/extract"
+    MODIFIED_DEB_DIR="$CRAFT_DIR/modified_deb"
+    mkdir -p "$EXTRACT_DIR"
+    mkdir -p "$MODIFIED_DEB_DIR/DEBIAN"
+
+    dpkg -x "$DEB_PATH" "$EXTRACT_DIR"
+    dpkg -e "$DEB_PATH" "$MODIFIED_DEB_DIR/DEBIAN"
+
+    # 处理 .desktop 文件
+    DESKTOP_MODIFIED=false
+    while IFS= read -r desktop_file; do
+        [ -z "$desktop_file" ] && continue
+        process_desktop_file "$desktop_file" "${NEW_PKGNAME:-$ORIG_PKGNAME}"
+        DESKTOP_MODIFIED=true
+    done < <(find "$EXTRACT_DIR" -name "*.desktop" -print)
+
+    if [ "$DESKTOP_MODIFIED" = false ]; then
+        log.info "未找到需要修改的 .desktop 文件"
+    fi
+
+    # 复制修改后的文件结构到打包目录并重新打包 modified deb（供本地测试/安装使用）
+    MODIFIED_DEB_PATH="$CRAFT_DIR/modified_${ORIG_PKGNAME:-package}.deb"
+    log.info "重新打包修改后的 DEB: $MODIFIED_DEB_PATH"
+    mkdir -p "$MODIFIED_DEB_DIR/data"
+    cp -r "$EXTRACT_DIR"/* "$MODIFIED_DEB_DIR/" 2>/dev/null || true
+
+    (cd "$MODIFIED_DEB_DIR" && fakeroot dpkg-deb --build -Z none . "$MODIFIED_DEB_PATH") || {
+        log.error "错误：重新打包 DEB 失败"
+        exit 1
+    }
+
+    if [ ! -f "$MODIFIED_DEB_PATH" ]; then
+        log.error "错误：重新打包后的 DEB 未生成: $MODIFIED_DEB_PATH"
+        exit 1
+    fi
+    log.info "修改后的 DEB 包已生成: $MODIFIED_DEB_PATH"
+
+    # 可选：在融合环境中实际安装修改后的包（默认使用 ssaudit 命令）
+    if ! sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg ssaudit "$MODIFIED_DEB_PATH" --native --no-create-desktop-entry ; then
+        log.error "错误：修改后的 DEB 包安装失败（ssaudit）"
+        exit 1
+    fi
+    log.info "修改后的 DEB 包安装完成（ssaudit）"
+
+
+fi
+
+    # 清理 apt 缓存
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg aptss clean || true
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg rm -vfr /var/lib/apt/lists || true
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg rm -vfr /var/lib/aptss/lists || true
+    sudo -E chrootEnvPath="$chrootEnvPath" /var/lib/apm/apm/files/ace-run-pkg rm -vfr /var/cache/apt/archives/* || true
+
+#清理 .dpkg-new 文件
+log.info "搜索并清理 .dpkg-new 文件..."
+# 在 core 目录下查找并删除所有以 .dpkg-new 结尾的文件
+# 删除 .dpkg-new 文件（去掉后缀）
+log.info "删除 .dpkg-new 文件.."
+find "$CRAFT_DIR/core" -name "*.dpkg-new"  2>/dev/null | while read -r file; do
+
+    sudo rm -vfr "$file" 
+done
+
+# 统计清理结果
+COUNT=$(find "$CRAFT_DIR/core" -name "*.dpkg-new" -type f 2>/dev/null | wc -l)
+if [ "$COUNT" -eq 0 ]; then
+    log.info "已清理所有 .dpkg-new 文件"
+else
+    log.warn "仍有 $COUNT 个 .dpkg-new 文件存在"
+fi
+
+
+# 5. 创建新的 APM 包结构
+log.info "创建新的APM包结构..."
+PKG_BUILD_DIR="$CRAFT_DIR/new-pkg"
+mkdir -p "$PKG_BUILD_DIR/DEBIAN"
+mkdir -p "$PKG_BUILD_DIR/var/lib/apm/$NEW_PKGNAME"/{entries,files} 2>/dev/null || true
+
+# info 和 info_debug：写入原始输入的 base 列表 和 递归展开后的 base 列表
+log.info "创建 info 文件（包含原始输入的基础环境）..."
+: > "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info" 2>/dev/null || true
+for BASENAME in "${BASENAMES_ORIG[@]}"; do
+    echo "$BASENAME" >> "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info"
+    log.info "  写入: $BASENAME"
+done
+
+log.info "创建 info_debug 文件（包含所有递归依赖的基础环境）..."
+: > "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info_debug" 2>/dev/null || true
+for BASENAME in "${BASENAMES[@]}"; do
+    echo "$BASENAME" >> "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info_debug"
+    log.info "  写入: $BASENAME"
+done
+
+if [ ${#SELECTED_ADDONS[@]} -gt 0 ]; then
+    log.info "创建 info_layer_addons 文件（仅包含本次选择的 addons）..."
+    : > "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info_layer_addons" 2>/dev/null || true
+    for addon in "${SELECTED_ADDONS[@]}"; do
+        echo "$addon" >> "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/info_layer_addons"
+        log.info "  写入 addon: $addon"
+    done
+fi
+
+# 创建 postrm 脚本
+cat > "$PKG_BUILD_DIR/DEBIAN/postrm" << 'EOF'
+#!/bin/bash
+PACKAGE_NAME="$DPKG_MAINTSCRIPT_PACKAGE"
+
+if [ "$1" = "remove" ] || [ "$1" = "purge" ]; then
+    echo "清理卸载残留"
+    rm -rf "/var/lib/apm/$PACKAGE_NAME"
+    for username in $(ls /home); do
+        if [ -d "/home/$username/.apm/$PACKAGE_NAME" ]; then
+            rm -fr "/home/$username/.apm/$PACKAGE_NAME"
+        fi
+    done
+else
+    echo "非卸载，跳过清理"
+fi
+EOF
+
+chmod +x "$PKG_BUILD_DIR/DEBIAN/postrm"
+
+# 6. 复制需要的文件到新的 APM 包
+log.info "复制文件到新的APM包..."
+
+# 如果是手动模式且没有DEB文件，进行交互式文件选择
+if [ "$MANUAL_MODE" = true ] && [ -z "$DEB_PATH" ]; then
+    interactive_copy_entries
+fi
+
+# 复制 /usr/share 内容到 entries
+if [ -d "$CRAFT_DIR/extract/usr/share" ]; then
+    log.info "复制 /usr/share 内容..."
+    mkdir -p "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/entries"
+    cp -r "$CRAFT_DIR/extract/usr/share/"* "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/entries/" 2>/dev/null || true
+fi
+
+# 复制 /opt/apps/<orig_pkg>/entries（如果存在）
+if [ -n "$ORIG_PKGNAME" ] && [ -d "$CRAFT_DIR/extract/opt/apps/$ORIG_PKGNAME/entries" ]; then
+    log.info "复制 /opt/apps/$ORIG_PKGNAME/entries 内容..."
+    cp -r "$CRAFT_DIR/extract/opt/apps/$ORIG_PKGNAME/entries/"* "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/entries/" 2>/dev/null || true
+fi
+
+# 复制融合环境（core, work）到新的包内 files（以便运行时使用）
+log.info "复制融合环境文件..."
+sudo cp -r "$CRAFT_DIR"/core "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/files/" 2>/dev/null || true
+sudo cp -r "$CRAFT_DIR"/work "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/files/" 2>/dev/null || true
+
+# 设置文件权限
+sudo chmod -R 755 "$PKG_BUILD_DIR/var/lib/apm/${NEW_PKGNAME}/files/" 2>/dev/null || true
+
+# 7. 解除挂载（如果尚未解除）
+log.info "解除挂载..."
+cleanup_mount
+
+# 8. 计算目录大小函数
+calculate_directory_size() {
+    local dir="$1"
+    if [ -d "$dir" ]; then
+        du -sk "$dir" | cut -f1
+    else
+        echo "0"
+    fi
+}
+
+# 构建依赖字符串 - 包含规范化后的 base 和显式指定的 addons（用于 control）
+DEPENDS_PARTS=("${BASENAMES_ORIG[@]}")
+
+# 如果包名是 addons 格式（*-addons），确保 base 已在依赖中
+if [[ "${NEW_PKGNAME}" == *-addons ]]; then
+    log.info "检测到 addons 包，确保 base 依赖已包含"
+fi
+
+# 追加显式指定的 addons 到依赖
+for addon in "${ADDONS[@]}"; do
+    FOUND_ADDON=false
+    for existing in "${DEPENDS_PARTS[@]}"; do
+        if [ "$existing" = "$addon" ]; then
+            FOUND_ADDON=true
+            break
+        fi
+    done
+    if [ "$FOUND_ADDON" = false ]; then
+        DEPENDS_PARTS+=("$addon")
+    fi
+done
+
+DEPENDS_STR=$(IFS=,; echo "${DEPENDS_PARTS[*]}")
+
+# 若打包前没有 NEW_PKGNAME/NEW_VERSION，交互询问（一般出现在手动无DEB场景）
+if [ -z "$NEW_PKGNAME" ]; then
+    read -r -p "请输入要创建的包名 (Package): " NEW_PKGNAME
+fi
+if [ -z "$NEW_VERSION" ] || [[ "$NEW_VERSION" == "-apm" ]]; then
+    read -r -p "请输入要创建的版本 (Version): " NEW_VERSION
+fi
+
+# 创建 control 文件
+cat > "${PKG_BUILD_DIR}/DEBIAN/control" << EOF
+Package: $NEW_PKGNAME
+Version: $NEW_VERSION
+Architecture: $ORIG_ARCH
+Maintainer: APM Converter <shenmo@spark-app.store>
+Depends: $DEPENDS_STR
+Installed-Size: $(calculate_directory_size "$PKG_BUILD_DIR")
+Description: APM converted package from ${ORIG_PKGNAME:-original}
+  This package was automatically converted from the original deb package.
+  Based on: ${BASENAMES_ORIG[*]}
+EOF
+
+# 9. 打包并生成输出文件名
+OUTPUT_DEB="${NEW_PKGNAME}_${NEW_VERSION}_${ORIG_ARCH}.deb"
+log.info "开始使用 fakeroot 打包: $OUTPUT_DEB"
+fakeroot dpkg-deb -Z xz --build "$PKG_BUILD_DIR" "$OUTPUT_DEB" || {
+    log.error "错误：打包 APM 包失败"
+    exit 1
+}
+
+log.info "转换完成！"
+log.info "生成的APM包: $OUTPUT_DEB"
+log.info "包名: $NEW_PKGNAME"
+log.info "版本: $NEW_VERSION"
+log.info "架构: $ORIG_ARCH"
+log.info "依赖: $DEPENDS_STR"
+log.info "基础环境（原始输入）: ${BASENAMES_ORIG[*]}"
+log.info "基础环境（递归展开）: ${BASENAMES[*]}"
+log.info "注意：桌面文件如存在已被修改，添加了 apm run 前缀和 X-APM-APPID"
+
+# 退出（trap 会触发 cleanup）
+exit 0
@@ -0,0 +1 @@
+../../var/lib/apm/apm/files/bin/ace-run
@@ -0,0 +1,131 @@
+#!/bin/bash
+
+# 检测是否安装了 KDE Plasma 桌面环境
+# 通过检查系统中是否存在相关的 desktop 文件或关键程序
+is_kde_plasma() {
+    # 检查 KDE Plasma
+    if [ -f /usr/share/xsessions/plasma.desktop ] || \
+       [ -f /usr/share/xsessions/plasma-xorg.desktop ] || \
+       [ -f /usr/share/xsessions/plasma-wayland.desktop ] || \
+       [ -f /usr/local/share/xsessions/plasma.desktop ] || \
+       [ -f /usr/local/share/xsessions/plasma-xorg.desktop ] || \
+       [ -f /usr/local/share/xsessions/plasma-wayland.desktop ] || \
+       command -v startplasma-x11 >/dev/null 2>&1 || \
+       command -v startplasma-wayland >/dev/null 2>&1 || \
+       command -v plasmashell >/dev/null 2>&1; then
+        return 0
+    fi
+    return 1
+}
+
+# 确定目标目录
+if grep -q "Kylin" /etc/os-release; then
+    TARGET_BASE="/usr/share"
+    APP_TARGET_DIR="$TARGET_BASE/applications"
+    echo "检测到麒麟系统，使用目标目录: $TARGET_BASE"
+else
+    TARGET_BASE="/usr/local/share"
+    # 检测是否为 KDE Plasma 桌面环境
+    if is_kde_plasma; then
+        APP_TARGET_DIR="$TARGET_BASE/applications/apm"
+        echo "检测到 KDE Plasma 桌面环境，使用目标目录: $APP_TARGET_DIR"
+    else
+        APP_TARGET_DIR="$TARGET_BASE/applications"
+        echo "使用标准目标目录: $APP_TARGET_DIR"
+    fi
+fi
+
+function ensure_dir() {
+    local dir="$1"
+    
+    # 检查目录是否为空
+    if [ -z "$dir" ]; then
+        echo "错误: 目录路径不能为空"
+        return 1
+    fi
+    
+    # 检查目录是否存在
+    if [ ! -d "$dir" ]; then
+        echo "目录 '$dir' 不存在，正在创建..."
+        if mkdir -p "$dir"; then
+            echo "成功创建目录 '$dir'"
+            return 0
+        else
+            echo "错误: 无法创建目录 '$dir'"
+            return 1
+        fi
+    else
+        return 0
+    fi
+}
+
+# 函数：检查目录并创建符号链接
+process_directory() {
+    local source_dir="$1"
+    local target_dir="$2"
+    local name="$3"
+    
+    if [ -d "$source_dir" ] && [ -n "$(ls -A "$source_dir")" ]; then
+        ln -sv $source_dir/* "$target_dir" 2>/dev/null
+        find "$target_dir" -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink {} \; 2>/dev/null &
+    else
+        echo "$name directory is empty or does not exist, skipping..."
+    fi
+}
+
+# 使用动态确定的目标目录
+ensure_dir "$APP_TARGET_DIR/"
+ensure_dir "$TARGET_BASE/icons/"
+
+# 处理 applications 目录
+process_directory "/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/applications/" \
+                  "$APP_TARGET_DIR/" "Applications"
+
+# 处理 icons 目录
+process_directory "/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/icons/" \
+                  "$TARGET_BASE/icons/" "Icons"
+
+# 等待所有后台任务完成
+wait
+
+# 迁移老链接（仅非麒麟系统需要）
+if ! grep -q "Kylin" /etc/os-release; then
+    # 定义可能的链接位置
+    APM_SUBDIR="/usr/local/share/applications/apm"
+    APP_ROOT_DIR="/usr/local/share/applications"
+    
+    # 根据当前目标目录，确定源目录
+    if [ "$APP_TARGET_DIR" = "$APM_SUBDIR" ]; then
+        # 当前目标是 apm 子目录，需要检查根目录是否有链接需要迁移
+        SOURCE_DIR="$APP_ROOT_DIR"
+    else
+        # 当前目标是根目录，需要检查 apm 子目录是否有链接需要迁移
+        SOURCE_DIR="$APM_SUBDIR"
+    fi
+    
+    # 检查源目录是否存在且与目标目录不同
+    if [ -d "$SOURCE_DIR" ] && [ "$SOURCE_DIR" != "$APP_TARGET_DIR" ]; then
+        echo "检查并迁移老链接..."
+        # 查找源目录中指向APM数据目录的符号链接
+        find "$SOURCE_DIR" -maxdepth 1 -type l 2>/dev/null | while read -r link; do
+            target=$(readlink "$link")
+            # 如果链接指向APM的数据目录
+            if [[ "$target" == /var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/applications/* ]]; then
+                filename=$(basename "$link")
+                # 如果新位置没有同名文件，则移动
+                if [ ! -e "$APP_TARGET_DIR/$filename" ]; then
+                    echo "迁移老链接: $filename"
+                    mv -v "$link" "$APP_TARGET_DIR/"
+                else
+                    echo "新位置已存在 $filename，删除老链接"
+                    rm -v "$link"
+                fi
+            fi
+        done
+        
+        # 如果源目录是 apm 子目录且已空，尝试删除
+        if [ "$SOURCE_DIR" = "$APM_SUBDIR" ] && [ -d "$APM_SUBDIR" ]; then
+            rmdir "$APM_SUBDIR" 2>/dev/null || true
+        fi
+    fi
+fi
@@ -0,0 +1,174 @@
+#!/bin/bash
+
+
+
+
+
+enumAppInfoList() {
+    appInfoList=()
+    apps="/var/lib/apm"
+    list=$(ls $apps 2>/dev/null)
+    for appID in $list; do
+        appInfoList+=("$appID")
+    done
+    echo "${appInfoList[@]}"
+}
+linkDir() {
+    ensureTargetDir() {
+        targetFile=$1
+        t=$(dirname "$targetFile")
+        mkdir -p "$t"
+    }
+
+    source=$1
+    target=$2
+    sourceDir=$(dirname "$source")
+    targetDir=$(dirname "$target")
+    find "$source" -type f | while read sourceFile; do
+        targetFile="$targetDir/${sourceFile#$sourceDir/}"
+
+
+        ensureTargetDir "$targetFile"
+	sourceFile=$(realpath --relative-to="$(dirname $targetFile)" "$sourceFile" )
+	if [  ! -e "${targetFile}" ];then
+        ln -sv "$sourceFile" "$targetFile"
+        fi
+    done
+}
+
+
+linkApp() {
+    appID=$1
+    appEntriesDir="/var/lib/apm/$appID/entries"
+    appLibsDir="/var/lib/apm/$appID/files/lib"
+    autoStartDir="$appEntriesDir/autostart"
+
+    if [ -d "$autoStartDir" ]; then
+        linkDir "$autoStartDir" "/etc/xdg/autostart"
+    fi
+
+    # link application
+    sysShareDir="/usr/share"
+    for folder in "$appEntriesDir/applications" "$appEntriesDir/icons" "$appEntriesDir/mime" "$appEntriesDir/glib-2.0" "$appEntriesDir/services" "$appEntriesDir/GConf" "$appEntriesDir/help" "$appEntriesDir/locale" "$appEntriesDir/fcitx"; do
+        if [ ! -d "$folder" ]; then
+            continue
+        fi
+        if [ "$folder" = "$appEntriesDir/polkit" ]; then
+            linkDir "$folder" "/usr/share/polkit-1"
+        elif [ "$folder" = "$appEntriesDir/fonts/conf" ]; then
+            linkDir "$folder" "/etc/fonts/conf.d"
+        else
+            linkDir "$folder" "$sysShareDir/${folder##*/}"
+        fi
+    done
+}
+
+function exec_uos_package_link(){
+
+for app in $(enumAppInfoList); do
+    linkApp "$app" &
+
+done
+wait
+}
+
+function exec_v23_icon_link(){
+# Fix v23 broken icon
+if [ ! -d "/usr/share/icons/hicolor/scalable/apps" ];then
+mkdir -p /usr/share/icons/hicolor/scalable/apps
+fi
+
+for icon_root_icon_path in $(ls /usr/share/icons/*.png /usr/share/icons/*.svg 2>/dev/null)
+do
+target_icon_path=/usr/share/icons/hicolor/scalable/apps/$(basename ${icon_root_icon_path})
+if [  ! -e ${target_icon_path} ];then
+ln -sv $(realpath --relative-to=/usr/share/icons/hicolor/scalable/apps ${icon_root_icon_path}) /usr/share/icons/hicolor/scalable/apps
+fi
+done
+}
+
+function exec_link_clean(){
+# remove broken links in /usr/share
+
+    find /usr/share/applications -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/icons -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/mime/packages -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/glib-2.0 -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/dbus-1/services -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/fcitx -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/help -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/locale -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+#    find /usr/lib/$(gcc -dumpmachine)/fcitx -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/lib/mozilla/plugins -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/polkit-1/actions -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /usr/share/fonts -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+    find /etc/fonts/conf.d -xtype l -exec echo '{} is invalid now and going to be cleaned' \; -exec unlink  {} \; 2>/dev/null &
+
+
+}
+function exec_uos_package_update(){
+    update-icon-caches /usr/share/icons/* > /dev/null 2>&1 &
+    update-desktop-database -q > /dev/null 2>&1 &
+    update-mime-database -V /usr/share/mime > /dev/null 2>&1 &
+    glib-compile-schemas /usr/share/glib-2.0/schemas/ > /dev/null 2>&1 &
+
+}
+
+function exec_debian_compatibile_links(){
+# 源目录和目标目录定义
+local SOURCE_DIR="/var/lib/apm"
+local TARGET_DIR="/var/lib/apm/apm/files/ace-env/var/lib/apm"
+
+# 检查目标目录是否存在
+if [[ ! -d "$TARGET_DIR" ]]; then
+    mkdir -p $TARGET_DIR
+fi
+
+# 第一部分：为缺失的目录创建软链接
+echo "检查并创建缺失的软链接..."
+for dir in "$SOURCE_DIR"/*/; do
+    # 获取目录名（去掉路径和尾部斜杠）
+    dirname=$(basename "$dir")
+    
+    # 跳过 apm 目录
+    if [[ "$dirname" == "apm" ]]; then
+        continue
+    fi
+    
+    # 检查目标目录中是否已存在对应的软链接或目录
+    target_link="$TARGET_DIR/$dirname"
+    if [[ ! -e "$target_link" ]]; then
+        echo "创建软链接: $target_link -> $dir"
+        ln -sv "$dir" "$target_link"
+    fi
+done
+
+# 第二部分：清理无效的软链接
+echo "清理无效的软链接..."
+for link in "$TARGET_DIR"/*; do
+    # 检查是否为软链接
+    if [[ -L "$link" ]]; then
+        # 检查软链接是否有效（指向的目标是否存在）
+        if [[ ! -e "$link" ]]; then
+            echo "删除无效软链接: $link"
+            rm "$link"
+        fi
+    fi
+done
+}
+#########################################################################################
+echo "----------------Running APM Dstore Patch----------------"
+
+# execute linkApp function for each app and print output
+exec_uos_package_link
+
+
+#exec_v23_icon_link
+exec_link_clean
+wait
+exec_uos_package_update
+if [[ "${IS_APM_ENV}" = "" ]];then
+exec_debian_compatibile_links
+fi
+
+echo "----------------Finished----------------"
@@ -0,0 +1,151 @@
+#!/bin/bash
+
+# 发送通知
+
+function get_upgradable_list(){
+		output=$(env LANGUAGE=en_US amber-pm-debug aptss list --upgradable  | awk NR\>1)
+
+		IFS_OLD="$IFS"
+		IFS=$'\n'
+
+		for line in $output ; do
+			PKG_NAME=$(echo $line | awk -F '/' '{print $1}')
+			PKG_NEW_VER=$(echo $line | awk -F ' ' '{print $2}')
+			PKG_CUR_VER=$(echo $line | awk -F ' ' '{print $6}' | awk -F ']' '{print $1}')
+			echo "${PKG_NAME} ${PKG_NEW_VER} ${PKG_CUR_VER}"
+		done
+
+		IFS="$IFS_OLD"
+
+}
+
+function get_current_user() {
+    # 优先通过 who 命令获取用户
+    local user
+    user=$(who | awk '{print $1}' | head -n 1 2>/dev/null)
+
+    # 如果 who 无输出，则通过 loginctl 获取
+    if [[ -z "$user" ]]; then
+        user=$(loginctl list-sessions --no-legend 2>/dev/null | awk '{print $3}' | head -n 1)
+    fi
+
+    # 返回最终结果（可能为空）
+    echo "${user}"
+}
+
+function notify-send() {
+    # Detect user using the display
+    local user=$(get_current_user)
+
+    # Detect uid of the user
+    local uid=$(id -u $user)
+
+    sudo -u $user  DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/${uid}/bus notify-send "$@"
+}
+
+# 检测网络链接畅通
+function network-check() {
+    # 超时时间
+    local timeout=15
+
+    # 目标网站
+    local target=www.baidu.com
+
+    # 获取响应状态码
+    local ret_code=$(curl -I -s --connect-timeout ${timeout} ${target} -w %{http_code} | tail -n1)
+
+    if [ "$ret_code" = "200" ]; then
+        # 网络畅通
+        return 0
+    else
+        # 网络不畅通
+        return 1
+    fi
+}
+
+# 初始化等待时间和最大等待时间
+initial_wait_time=15  # 初始等待时间 15 秒
+max_wait_time=$((12 * 3600))  # 最大等待时间 12 小时
+
+# 检测网络，若不通则进行重试，采用指数退避算法
+wait_time=$initial_wait_time
+while ! network-check; do
+    echo "$TRANSHELL_CONTENT_NETWORK_FAIL"
+    echo "Waiting for network to recover... Retrying in ${wait_time} seconds."
+
+    sleep $wait_time
+    wait_time=$((wait_time * 2))  # 等待时间翻倍
+    if [ $wait_time -gt $max_wait_time ]; then
+        wait_time=$max_wait_time  # 最大等待时间限制为12小时
+    fi
+done
+
+# 每日更新星火源文件
+apm autoremove -y
+apm clean
+
+exit
+###########################################################################
+updatetext=$(LANGUAGE=en_US apm update 2>&1)
+
+# 在网络恢复后，继续更新操作
+retry_count=0
+max_retries=12  # 最大重试次数，防止死循环
+
+until ! echo $updatetext | grep -q "E:"; do
+    if [ $retry_count -ge $max_retries ]; then
+        echo "Reached maximum retry limit for apm update."
+        exit 1
+    fi
+
+    echo "Update failed...Will retry in 15sec"
+    sleep 15
+    updatetext=$(LANGUAGE=en_US apm update 2>&1)
+    retry_count=$((retry_count + 1))
+done
+apm clean
+update_app_number=$(env LANGUAGE=en_US apm list --upgradable 2>/dev/null | grep -c upgradable)
+echo "update_app_number is $update_app_number" 
+
+if [ "$update_app_number" -le 0 ]; then
+    exit 0
+fi
+
+# 获取用户选择的要更新的应用
+PKG_LIST="$(get_upgradable_list)"
+# 指定分隔符为 \n
+IFS_OLD="$IFS"
+IFS=$'\n'
+
+for line in $PKG_LIST; do
+#    PKG_NAME=$(echo $line | awk -F ' ' '{print $1}')
+#    PKG_NEW_VER=$(echo $line | awk -F ' ' '{print $2}')
+#    PKG_CUR_VER=$(echo $line | awk -F ' ' '{print $3}')
+
+#    amber-pm-debug dpkg --compare-versions $PKG_NEW_VER le $PKG_CUR_VER
+#
+#    if [ $? -eq 0 ]; then
+#        let update_app_number=$update_app_number-1
+#        continue
+#    fi
+
+    # 检测是否是 hold 状态
+    PKG_STA=$(amber-pm-debug dpkg-query -W -f='\''\${db:Status-Want}'\' $PKG_NAME)
+#PKG_STA=$(dpkg-query -W -f='${db:Status-Want}' $PKG_NAME)
+    if [ "$PKG_STA" = "hold" ]; then
+        let update_app_number=$update_app_number-1
+    fi
+done
+
+# 还原分隔符
+IFS="$IFS_OLD"
+if [ $update_app_number -le 0 ]; then
+    exit 0
+fi
+
+# 如果都是hold或者版本一致的那就直接退出，否则把剩余的给提醒了
+# TODO: 除了apt-mark hold之外额外有一个禁止检查列表
+
+
+notify-send -a apm "APM 琥珀应用包" "有 $update_app_number 个应用可以更新啦，apm list --upgradable 以查看" || true # Some machine don't have bus, or who command just print nothing.
+
@@ -0,0 +1 @@
+/usr/libexec/apm/apm-main
@@ -0,0 +1,6 @@
+# ACE app runs in a container, need privileges within user namespace, so we need to set it
+kernel.unprivileged_userns_clone=1
+# Ubuntu 24.04 has more limitation on unprivileged user namespace,so we have to disable them.
+# refer to https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
+kernel.apparmor_restrict_unprivileged_unconfined=0
+kernel.apparmor_restrict_unprivileged_userns=0
@@ -0,0 +1,14 @@
+[Unit]
+Description=APM Daily Update
+After=apt-daily.service network.target network-online.target systemd-networkd.service NetworkManager.service connman.service
+
+
+[Service]
+Type=simple
+RemainAfterExit=yes 
+ExecStart=amber-pm-upgrade-notifier
+Restart=on-failure
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
@@ -0,0 +1,11 @@
+[Unit]  
+Description=Timer for APM Daily Update
+
+[Timer]  
+# 开机后第一次执行  
+OnBootSec=1min  
+# 每天执行一次  
+OnUnitActiveSec=1d  
+
+[Install]  
+WantedBy=timers.target
@@ -0,0 +1,14 @@
+[Unit]
+Description=APM GXDE Fixer
+After=apt-daily.service network.target network-online.target systemd-networkd.service NetworkManager.service connman.service
+
+
+[Service]
+Type=simple
+RemainAfterExit=yes 
+ExecStart=/var/lib/apm/apm/files/bin/ace-gxde-fixer 
+Restart=on-failure
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+
+
+# Ensure base distro defaults xdg path are set if nothing filed up some
+# defaults yet.
+if [ -z "$XDG_DATA_DIRS" ]; then
+    export XDG_DATA_DIRS="/usr/local/share:/usr/share"
+fi
+
+# Desktop files (used by desktop environments within both X11 and Wayland) are
+# looked for in XDG_DATA_DIRS; make sure it includes the relevant directory for ACE
+ACE_path="/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/"
+if [ -n "${XDG_DATA_DIRS##*${ACE_path}}" ] && [ -n "${XDG_DATA_DIRS##*${ACE_path}:*}" ]; then
+    export XDG_DATA_DIRS="${XDG_DATA_DIRS}:${ACE_path}"
+fi
+
@@ -0,0 +1,62 @@
+#!/bin/bash
+# APM 彩蛋功能模块
+# 被 /usr/libexec/apm/apm-main 按需 source
+
+amber_egg() {
+    cat <<'EOF'
+
+    ____                            ____                         
+   / __ )____ __________  ____     / __ )__  ______  ____  __  __
+  / __  / __ `/ ___/ __ \/ __ \   / __  / / / / __ \/ __ \/ / / /
+ / /_/ / /_/ / /  / /_/ / / / /  / /_/ / /_/ / / / / / / / /_/ / 
+/_____/\__,_/_/   \____/_/ /_/  /_____/\__,_/_/ /_/_/ /_/\__, /  
+                                                        /____/   
+
+Amber Package Manager - Sparkling with magic! 安柏包管理器 - blingbling～
+💎 Another target tracked down by Outrider Amber! 侦察骑士，发现目标！
+EOF
+}
+
+bronya_egg() {
+    cat <<'EOF'
+  _   __     ____            _       ____         __              
+ | | / /__ _/ / /____ ______(_)__   / __/_ _____ / /____ __ _     
+ | |/ / _ `/ /  '_/ // / __/ / _-) _\ \/ // (_-</ __/ -_)  ' \    
+ |___/\_,_/_/_/\_\\_, /_/ /_/\__/ /___/\_, /___/\__/\__/_/_/_/    
+  / /  ___ ___ __/___/____/ /         /___/                        
+ / /__/ _ `/ // / _ \/ __/ _ \                                     
+/____/\_,_/_,_/_//_/\__/_//_/        
+
+Valkyrie 系统启动 - 重装小兔，Fire！
+💎 感谢 Anysets 为 AmberCE 和 AmberPM 的 Arch 架构支持提供帮助～
+EOF
+}
+
+xmp360_egg() {
+    cat <<'EOF'
+################################################################################
+################################################################################
+################################################################################
+#####################                                       ####################
+####################.                                       %###################
+##########=                                                 ####################
+############################                                #=========*#########
+#############                                              .%   .*****=  :######
+###############################                            =+   =#######* -#####
+#####                                                      %:   *######## :#####
+######################%                                    #    ########* +#####
+########:                                                  #              %#####
+##########################                                .#              ######
+##################*                                       -*              ######
+##################=        =###%:                         +-    *###*     ######
+##################.      #       %:                          :*       #  -######
+##################.     %  *###=  %                         --  ####   % %######
+########################-  ####+  ###########################  .####.  #########
+#########################        ############################%        ##########
+###########################=::+################################%-:-*############
+################################################################################
+
+哇——————袄 - 撞大运咯！
+💎 感谢 潇湘·秀 为 APM 的 RPM 架构支持提供帮助～
+EOF
+}
@@ -0,0 +1,580 @@
+#!/bin/bash
+VERSION=@VERSION@
+# 获取脚本名称用于帮助信息
+SCRIPT_NAME=$(basename "$0")
+PATH_PREFIX=/var/lib/apm/apm/files/ace-env/
+
+log.warn() { echo -e "[\e[33mWARN\e[0m]:  \e[1m$*\e[0m"; }
+log.error()  { echo -e "[\e[31mERROR\e[0m]: \e[1m$*\e[0m"; }
+log.info() { echo -e "[\e[96mINFO\e[0m]:  \e[1m$*\e[0m"; }
+log.debug()  { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
+
+# 帮助信息函数
+show_help() {
+    cat <<EOF
+APM - Amber Package Manager ${VERSION}
+
+Usage:
+  $SCRIPT_NAME [COMMAND] [OPTIONS] [PACKAGES...]
+
+
+Commands:
+  install           安装软件包
+  remove            卸载软件包
+  launch <package> [args...]  启动软件包（通过应用启动器）
+  run <package> [EXEC_PATH] [args...]  运行指定软件包的可执行文件（可指定容器内路径）
+  update            更新软件包信息
+  list              查看可用软件包信息
+  search            搜索软件包
+  show              展示包信息
+  clean             清除缓存软件包
+  autoremove        自动移除不需要的包
+
+  amber             彩蛋功能
+  xmp360            彩蛋功能
+  bronya            彩蛋功能
+
+  -h, --help        显示此帮助信息
+  --help-all        显示完整帮助信息
+  -v, --version     展示APM版本号
+
+                                            本 APM 具有兔兔伯爵，女武神装甲和超级大运之力。
+EOF
+}
+
+# 完整帮助信息函数
+show_help_all() {
+    cat <<EOF
+APM - Amber Package Manager ${VERSION}
+
+Usage:
+  $SCRIPT_NAME [COMMAND] [OPTIONS] [PACKAGES...]
+
+
+Commands:
+  install           安装软件包
+  remove            卸载软件包
+  launch <package> [args...]  启动软件包（通过应用启动器）
+  run <package> [EXEC_PATH] [args...]  运行指定软件包的可执行文件（可指定容器内路径）
+  sandbox-run <package> [EXEC_PATH] [args...] 运行指定软件包的可执行文件（主目录沙箱化）
+  bwrap-run <package> [EXEC_PATH] [args...] 运行指定软件包的可执行文件（使用 bwrap）
+
+  update            更新软件包信息
+  hold              锁定软件包版本
+  unhold            解锁软件包版本
+  full-upgrade      升级全部软件包
+  list              查看可用软件包信息
+  search            搜索软件包
+
+  download          下载包
+  show              展示包信息
+  clean             清除缓存软件包
+  autoremove        自动移除不需要的包
+  ssinstall <path>    使用 ssinstall 进行本地软件安装，详情见 spark-store
+  ssaudit <path>    使用 ssaudit 进行本地软件安装，详情见 spark-store
+  debug             显示调试系统信息并进入调试环境
+
+  amber             彩蛋功能
+  xmp360            彩蛋功能
+  bronya            彩蛋功能
+
+  -h, --help        显示简要帮助信息
+  --help-all        显示此完整帮助信息
+  -v, --version     展示APM版本号
+
+                                            本 APM 具有兔兔伯爵，女武神装甲和超级大运之力。
+EOF
+}
+
+apm_exec(){
+    # ===============================
+    # 基础变量
+    # ===============================
+    local lowerdirs=()
+    local env_layers=()
+    local addon_envs=()
+    local processed_addon_pkgs=()
+    local current_dir="${PATH_PREFIX}/var/lib/apm/${coredir}"
+    local next_info_file=""
+    local APM_RUN_EXEC=/var/lib/apm/apm/files/ace-run
+
+    # ===============================
+    # 辅助函数：解析并添加某个包的 addons
+    # ===============================
+    _resolve_addons() {
+        local pkgname="$1"
+        # 去重检查：每个包的 addons 只处理一次
+        for processed in "${processed_addon_pkgs[@]}"; do
+            [[ "$processed" == "$pkgname" ]] && return
+        done
+        processed_addon_pkgs+=("$pkgname")
+
+        local pkg_dir="${PATH_PREFIX}/var/lib/apm/${pkgname}"
+        local all_addons=()
+
+        # 先读取 info_layer_addons.d 目录（.d 配置优先级更高）
+        if [[ -d "${pkg_dir}/info_layer_addons.d" ]]; then
+            local addon_file
+            for addon_file in $(ls -1 "${pkg_dir}/info_layer_addons.d" 2>/dev/null | sort); do
+                local addon_name="${addon_file#*-}"
+                [[ -z "$addon_name" ]] && continue
+                all_addons+=("$addon_name")
+            done
+        fi
+
+        # 再读取 info_layer_addons 主文件
+        if [[ -f "${pkg_dir}/info_layer_addons" ]]; then
+            local addon_name
+            while IFS= read -r addon_name; do
+                [[ -z "$addon_name" ]] && continue
+                all_addons+=("$addon_name")
+            done < "${pkg_dir}/info_layer_addons"
+        fi
+
+        local addon
+        for addon in "${all_addons[@]}"; do
+            # 在 lowerdirs 中去重
+            local dup=false
+            local existing
+            for existing in "${lowerdirs[@]}"; do
+                if [[ "$existing" == "${PATH_PREFIX}/var/lib/apm/${addon}/files/ace-env" ]] || \
+                   [[ "$existing" == "${PATH_PREFIX}/var/lib/apm/${addon}/files/core" ]]; then
+                    dup=true
+                    break
+                fi
+            done
+            [[ "$dup" == true ]] && continue
+
+            if [[ -d "${PATH_PREFIX}/var/lib/apm/${addon}/files/ace-env" ]]; then
+                lowerdirs+=("${PATH_PREFIX}/var/lib/apm/${addon}/files/ace-env")
+            elif [[ -d "${PATH_PREFIX}/var/lib/apm/${addon}/files/core" ]]; then
+                lowerdirs+=("${PATH_PREFIX}/var/lib/apm/${addon}/files/core")
+            else
+                log.warn "Addon layer not found: $addon"
+                continue
+            fi
+
+            if [[ -f "${PATH_PREFIX}/var/lib/apm/${addon}/info_env" ]]; then
+                addon_envs+=("${PATH_PREFIX}/var/lib/apm/${addon}/info_env")
+            fi
+        done
+    }
+
+    # ===============================
+    # 递归读取 info / info_env / addons
+    # ===============================
+    while : ; do
+        next_info_file="${current_dir}/info"
+
+        # 记录 info_env
+        if [[ -f "${current_dir}/info_env" ]]; then
+            env_layers+=("${current_dir}/info_env")
+        fi
+
+        # 没有 info 也处理 addons（最底层 base 也可以有 addons），然后停止
+        if [[ ! -f "$next_info_file" ]]; then
+            local pkgname
+            pkgname="$(basename "$current_dir")"
+            _resolve_addons "$pkgname"
+            break
+        fi
+
+        # 读取依赖层
+        while IFS= read -r basedir; do
+            [[ -z "$basedir" ]] && continue
+
+            # 先处理该 base 的 addons（addons 在 base 之上）
+            _resolve_addons "$basedir"
+
+            if [[ -d "${PATH_PREFIX}/var/lib/apm/${basedir}/files/ace-env" ]]; then
+                lowerdirs+=("${PATH_PREFIX}/var/lib/apm/${basedir}/files/ace-env")
+            elif [[ -d "${PATH_PREFIX}/var/lib/apm/${basedir}/files/core" ]]; then
+                lowerdirs+=("${PATH_PREFIX}/var/lib/apm/${basedir}/files/core")
+            else
+                log.warn "Neither ace-env nor core directory found for base: $basedir"
+            fi
+        done < "$next_info_file"
+
+        # 递归到下一个
+        local next_basedir
+        next_basedir="$(tail -n 1 "$next_info_file")"
+        [[ -z "$next_basedir" || ! -d "${PATH_PREFIX}/var/lib/apm/${next_basedir}" ]] && break
+        current_dir="${PATH_PREFIX}/var/lib/apm/${next_basedir}"
+    done
+
+    # ===============================
+    # info_layer_override（最高优先级）
+    # ===============================
+    local override_file="${PATH_PREFIX}/var/lib/apm/${coredir}/info_layer_override"
+    if [[ -f "$override_file" ]]; then
+        log.debug "Found info_layer_override: $override_file"
+
+        local override_dirs=()
+        local override_envs=()
+
+        while IFS= read -r basedir; do
+            [[ -z "$basedir" ]] && continue
+            local base="${PATH_PREFIX}/var/lib/apm/${basedir}"
+
+            if [[ -d "${base}/files/ace-env" ]]; then
+                override_dirs+=("${base}/files/ace-env")
+            elif [[ -d "${base}/files/core" ]]; then
+                override_dirs+=("${base}/files/core")
+            else
+                log.warn "Override layer not found: $basedir"
+            fi
+
+            if [[ -f "${base}/info_env" ]]; then
+                override_envs+=("${base}/info_env")
+            fi
+        done < "$override_file"
+
+        # override 层放最前（最高）
+        if [[ ${#override_dirs[@]} -gt 0 ]]; then
+            lowerdirs=("${override_dirs[@]}" "${lowerdirs[@]}")
+        fi
+
+        # override env 最后应用（最高）
+        if [[ ${#override_envs[@]} -gt 0 ]]; then
+            env_layers+=("${override_envs[@]}")
+        fi
+    fi
+
+    # ===============================
+    # 追加 addon envs（在 base env 之后，override env 之前）
+    # 反向追加以确保层级高的 addon env 后加载（优先级更高）
+    # ===============================
+    if [[ ${#addon_envs[@]} -gt 0 ]]; then
+        local i
+        for ((i=${#addon_envs[@]}-1; i>=0; i--)); do
+            env_layers+=("${addon_envs[i]}")
+        done
+    fi
+
+    # ===============================
+    # 检查 lowerdir
+    # ===============================
+    if [[ ${#lowerdirs[@]} -eq 0 ]]; then
+        log.error "No valid lower directories found for package: $coredir"
+        return 1
+    fi
+
+    local lowerdir
+    lowerdir=$(IFS=:; echo "${lowerdirs[*]}")
+
+    mkdir -p "/tmp/apm/${coredir}"
+
+    # ===============================
+    # 应用 info_env（从下到上）
+    # ===============================
+    for env_file in "${env_layers[@]}"; do
+        log.debug "Applying env: $env_file"
+
+        while IFS= read -r line || [[ -n "$line" ]]; do
+            [[ -z "$line" || "$line" =~ ^[[:space:]]*# ]] && continue
+
+            if [[ "$line" =~ ^[A-Za-z_][A-Za-z0-9_]*= ]]; then
+                local key="${line%%=*}"
+                local val="${line#*=}"
+
+                # 去首尾空白
+                val="${val#"${val%%[![:space:]]*}"}"
+                val="${val%"${val##*[![:space:]]}"}"
+
+                # 去外层引号
+                if [[ "$val" =~ ^\".*\"$ || "$val" =~ ^\'.*\'$ ]]; then
+                    val="${val:1:-1}"
+                fi
+
+                export "$key=$val"
+            else
+                log.warn "Invalid env line ignored: $line"
+            fi
+        done < "$env_file"
+    done
+
+    # ===============================
+    # 挂载 overlay
+    # ===============================
+    log.debug "Mounting overlayfs"
+    log.debug "lowerdir=$lowerdir"
+
+    fuse-overlayfs \
+        -o lowerdir="$lowerdir",upperdir="${PATH_PREFIX}/var/lib/apm/${coredir}/files/core/",workdir="${PATH_PREFIX}/var/lib/apm/${coredir}/files/work/" \
+        "/tmp/apm/${coredir}"
+
+    # ===============================
+    # 执行
+    # ===============================
+    chrootEnvPath="/tmp/apm/${coredir}" "${APM_RUN_EXEC}" "$@"
+
+    # ===============================
+    # 卸载
+    # ===============================
+    umount "/tmp/apm/${coredir}"
+}
+
+# 启动应用：通过 amber-pm-app-launcher 运行
+apm_launch() {
+    local pkg="$1"
+    shift
+    if [ -z "$pkg" ]; then
+        log.error "Package name required for 'launch' command"
+        return 1
+    fi
+
+    # 保存原始 PATH_PREFIX，检查包是否存在（逻辑同 run 分支）
+    local original_path_prefix="$PATH_PREFIX"
+    if ! [ -d "${PATH_PREFIX}/var/lib/apm/$pkg" ]; then
+        if [ -d "/var/lib/apm/$pkg" ]; then
+            PATH_PREFIX=""
+        else
+            log.error "Package not installed: $pkg"
+            return 1
+        fi
+    fi
+
+    # 调用应用启动器，传递所有参数
+    amber-pm-app-launcher "$pkg" "$@"
+    local exit_code=$?
+
+    # 恢复 PATH_PREFIX（不影响后续命令）
+    PATH_PREFIX="$original_path_prefix"
+    return $exit_code
+}
+
+# 调试信息函数
+debug_info() {
+    log.debug "======= APM Debug Information ======="
+    log.debug "User: $(whoami)"
+    log.debug "Hostname: $(hostname)"
+    log.debug "OS: $(lsb_release -ds 2>/dev/null || uname -om)"
+    log.debug "Kernel: $(uname -sr)"
+    log.debug "Bash Version: ${BASH_VERSION}"
+    log.debug "APT Version: $(apt --version | head -n1)"
+    log.debug "APM APT Version: $(amber-pm-debug apt --version | head -n1)"
+    log.debug "====================================="
+
+amber-pm-debug "$@"
+
+}
+
+
+apm-nvidia-toggle(){
+
+# APM 基础路径
+APM_BASE="${PATH_PREFIX}/var/lib/apm"
+
+# 检查基础目录是否存在
+if [[ ! -d "$APM_BASE" ]]; then
+    echo "错误: 目录 $APM_BASE 不存在"
+    exit 1
+fi
+
+# 遍历 /var/lib/apm 下的所有目录
+for dir in "$APM_BASE"/*/; do
+    # 移除末尾的斜杠得到纯目录名
+    dir="${dir%/}"
+    
+    # 提取目录名（不包括完整路径）
+    dirname=$(basename "$dir")
+    # 检查目标文件是否存在
+    target_file="${APM_BASE}/${dirname}/files/ace-env"
+    if [[ -e "$target_file" ]]; then
+        
+        # 将目录传递给 amber-pm-configure-nvidia
+        amber-pm-configure-nvidia "$target_file"
+        
+
+    fi
+done
+}
+
+# 主命令处理
+case "$1" in
+    install|full-upgrade|upgrade|reinstall)
+    command=$1
+    shift
+    amber-pm-debug aptss "$command" "$@"
+    exit_code=$?
+    
+    # 如果第一次执行失败，尝试修复并重试
+    if [ $exit_code -ne 0 ]; then
+        log.warn "Command failed, attempting to fix with dpkg --configure -a..."
+        amber-pm-debug dpkg --configure -a
+        log.info "Retrying $command..."
+        amber-pm-debug aptss "$command" "$@"
+        exit_code=$?
+    fi
+    
+    if [ $exit_code -eq 0 ]; then
+        log.info "Operation successful"
+    else
+        log.error "Error: Operation failed"
+        exit $exit_code
+    fi
+    amber-pm-debug amber-pm-dstore-patch
+    apm-nvidia-toggle
+    amber-pm-desktop-fix
+    update-mime-database /var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir/mime > /dev/null 2>&1 &
+    ;;
+    download|search|policy|list|update|clean|show|depends|rdepends|changelog|moo)
+    command=$1
+    shift
+    amber-pm-debug aptss "$command" "$@"
+        exit_code=$?
+    if [ $exit_code -eq 0 ]; then
+        log.info "Operation successful"
+    else
+        log.error "Error: Operation failed"
+        exit $exit_code
+    fi
+    ;;
+    hold|unhold)
+    command=$1
+    shift
+    amber-pm-debug apt-mark "$command" "$@"
+        exit_code=$?
+    if [ $exit_code -eq 0 ]; then
+        log.info "Operation successful"
+    else
+        log.error "Error: Operation failed"
+        exit $exit_code
+    fi
+    ;;
+
+   remove|autoremove|purge|autopurge)
+        # 特殊APT命令：移除第一个参数后传递其余参数
+        command=$1
+        shift
+        amber-pm-debug aptss "$command" "$@"
+        exit_code=$?
+    if [ $exit_code -eq 0 ]; then
+        log.info "Operation successful"
+    else
+        log.error "Error: Operation failed"
+        exit $exit_code
+    fi
+        amber-pm-debug amber-pm-dstore-patch
+        amber-pm-desktop-fix
+        ;;
+   launch)
+        shift
+        apm_launch "$@"
+        exit_code=$?
+        if [ $exit_code -eq 0 ]; then
+            log.info "Operation successful"
+        else
+            log.error "Error: Operation failed"
+            exit $exit_code
+        fi
+        ;;
+   run)
+        # 运行包命令：第二个参数必须是包名
+        if [ -z "$2" ]; then
+            log.error "Package name required for 'run' command"
+            show_help
+            exit 1
+        fi
+        
+        # 检查包是否已安装
+        pkg="$2"
+        shift 2  # 移除 'run' 和包名
+        
+        if ! ls "${PATH_PREFIX}/var/lib/apm/$pkg" >/dev/null 2>&1; then
+        # 如果带前缀的目录不存在，尝试不带前缀的目录
+            if ls "/var/lib/apm/$pkg" >/dev/null 2>&1; then
+                # 如果不带前缀的目录存在，清空 PATH_PREFIX
+                PATH_PREFIX=""
+            else
+                # 如果两个目录都不存在，报错退出
+                log.error "Package not installed: $pkg"
+                exit 1
+            fi
+        fi
+        
+        coredir=$pkg
+        export APM_PKG_NAME=$pkg
+
+        # 检测是否有额外命令参数
+        if [ $# -gt 0 ]; then
+            # 有额外参数：执行用户提供的命令
+            log.info "Running user command: $*"
+            apm_exec "$@"
+        else
+            # 没有额外参数：提示用户改用 launch，并自动调用 launch
+            log.info "未指定可执行文件路径。如果希望在未指定容器路径的情况下启动应用程序，推荐使用 \"launch\" 命令"
+            log.info "正在启动：$SCRIPT_NAME launch $pkg"
+            apm_launch "$pkg"
+            exit $?
+        fi
+        ;;
+   sandbox-run)
+        # 运行包命令：第二个参数必须是包名
+        export APM_USE_SANDBOX=1
+        shift
+        "$0" run "$@"
+        ;;
+   bwrap-run)
+        # 运行包命令：使用特殊的挂载参数以支持bwrap
+        export APM_USE_BWRAP=1
+        shift
+        "$0" run "$@"
+        ;;
+    debug)
+        shift
+        debug_info $@
+        ;;
+    ssaudit)
+        amber-pm-debug dpkg --configure -a
+        amber-pm-debug ssaudit $@ --native
+        exit_code=$?
+    if [ $exit_code -eq 0 ]; then
+        log.info "Operation successful"
+    else
+        log.error "Error: Operation failed"
+        exit $exit_code
+    fi
+        amber-pm-debug amber-pm-dstore-patch
+        amber-pm-desktop-fix
+
+        ;;
+    ssinstall)
+        amber-pm-debug dpkg --configure -a
+        amber-pm-debug ssinstall $@ --native
+        exit_code=$?
+    if [ $exit_code -eq 0 ]; then
+        log.info "Operation successful"
+    else
+        log.error "Error: Operation failed"
+        exit $exit_code
+    fi
+        amber-pm-debug amber-pm-dstore-patch
+        amber-pm-desktop-fix
+
+        ;;
+    -h|--help)
+        show_help
+        ;;
+    --help-all)
+        show_help_all
+        ;;
+    -v|--version)
+        echo "$VERSION"
+        ;;
+    amber)
+        source /usr/libexec/apm/apm-eggs
+        amber_egg
+        ;;
+    xmp360)
+        source /usr/libexec/apm/apm-eggs
+        xmp360_egg
+        ;;
+    bronya)
+        source /usr/libexec/apm/apm-eggs
+        bronya_egg
+        ;;
+    *)
+        show_help
+        ;;
+esac
@@ -0,0 +1,321 @@
+# Debian apt(8) completion                             -*- shell-script -*-
+
+_apm()
+{
+    local sourcesdir="/etc/apt/sources.list.d"
+    local cur prev words cword
+    _init_completion || return
+
+    local GENERIC_APT_GET_OPTIONS='
+        -d --download-only
+        -y --assume-yes
+        --assume-no
+        -u --show-upgraded
+        -m --ignore-missing
+        -t --target-release
+        --download
+        --fix-missing
+        --ignore-hold
+        --upgrade
+        --only-upgrade
+        --allow-change-held-packages
+        --allow-remove-essential
+        --allow-downgrades
+        --print-uris
+        --trivial-only
+        --remove
+        --arch-only
+        --allow-unauthenticated
+        --allow-insecure-repositories
+        --install-recommends
+        --install-suggests
+        --no-install-recommends
+        --no-install-suggests
+        --fix-policy
+    '
+
+    # see if the user selected a command already
+    local COMMANDS=(
+        "ssaudit"
+        "ssinstall"
+        "launch"
+        "list"
+        "search"
+        "show" "showsrc"
+        "install" "remove" "purge" "autoremove" "autopurge"
+        "update"
+        "upgrade" "full-upgrade" "dist-upgrade"
+        "run"
+        "sandbox-run"
+        "bwrap-run"
+        "help"
+        "source" "build-dep"
+        "clean" "autoclean"
+        "download" "changelog"
+        "amber"
+        "xmp360"
+        "bronya"
+        "debug"
+        "depends" "rdepends"
+        "policy")
+
+    local command i
+    for (( i=0; i < ${#words[@]}-1; i++ )); do
+        if [[ ${COMMANDS[@]} =~ ${words[i]} ]]; then
+            command=${words[i]}
+            break
+        fi
+    done
+
+
+
+    # supported options per command
+    if [[ "$cur" == -* ]]; then
+        case $command in
+            install|remove|purge|upgrade|dist-upgrade|full-upgrade|autoremove|autopurge)
+                COMPREPLY=( $( compgen -W '--show-progress
+                  --fix-broken --purge --verbose-versions --auto-remove
+                  -s --simulate --dry-run
+                  --download
+                  --fix-missing
+                  --fix-policy
+                  --ignore-hold
+                  --force-yes
+                  --trivial-only
+                  --reinstall --solver
+                  -t --target-release'"$GENERIC_APT_GET_OPTIONS" -- "$cur" ) )
+                return 0
+                ;;
+            update)
+                COMPREPLY=( $( compgen -W '--list-cleanup
+                  --print-uris
+                  --allow-insecure-repositories
+                  ' -- "$cur" ) )
+                return 0
+                ;;
+            list)
+                COMPREPLY=( $( compgen -W '--installed --upgradable 
+                  --manual-installed
+                  -v --verbose
+                  -a --all-versions
+                  -t --target-release
+                  ' -- "$cur" ) )
+                return 0
+                ;;
+            show)
+                COMPREPLY=( $( compgen -W '-a --all-versions
+                  ' -- "$cur" ) )
+                return 0
+                ;;
+            depends|rdepends)
+                COMPREPLY=( $( compgen -W '-i
+                    --important
+                    --installed
+                    --pre-depends
+                    --depends
+                    --recommends
+                    --suggests
+                    --replaces
+                    --breaks
+                    --conflicts
+                    --enhances
+                    --recurse
+                    --implicit' -- "$cur" ) )
+                return 0
+                ;;
+            search)
+                COMPREPLY=( $( compgen -W '
+                    -n --names-only
+                    -f --full' -- "$cur" ) )
+                return 0
+                ;;
+            showsrc)
+                COMPREPLY=( $( compgen -W '
+                    --only-source' -- "$cur" ) )
+                return 0
+                ;;
+            source)
+                COMPREPLY=( $( compgen -W '
+                    -s --simulate --dry-run
+                    -b --compile --build
+                    -P --build-profiles
+                    --diff-only --debian-only
+                    --tar-only
+                    --dsc-only
+                    -t --target-release
+                    '"$GENERIC_APT_GET_OPTIONS" -- "$cur" ) )
+                return 0
+                ;;
+            build-dep)
+                COMPREPLY=( $( compgen -W '
+                    -a --host-architecture
+                    -s --simulate --dry-run
+                    -P --build-profiles
+                    -t --target-release
+                    --purge --solver
+                    '"$GENERIC_APT_GET_OPTIONS" -- "$cur" ) )
+                return 0
+                ;;
+            moo)
+                COMPREPLY=( $( compgen -W '
+                    --color
+                    ' -- "$cur" ) )
+                return 0
+                ;;
+            clean|autoclean)
+                COMPREPLY=( $( compgen -W '
+                    -s --simulate --dry-run
+                    ' -- "$cur" ) )
+                return 0
+                ;;
+        esac
+    fi
+# 定义目录路径
+primary_dir="/var/lib/apm/apm/files/ace-env/var/lib/apm/"
+fallback_dir="/var/lib/apm/"
+
+# 查找不包含特定子目录的目录
+find_directories_without_ace_env() {
+    local base_dir="$1"
+    local result=()
+    
+    # 检查基础目录是否存在
+    if [[ ! -d "$base_dir" ]]; then
+        return 1
+    fi
+    
+    # 查找所有直接子目录，排除包含ace-env子目录的目录
+    while IFS= read -r -d '' dir; do
+        if [[ -d "$dir" ]] && [[ ! -d "$dir/files/ace-env" ]]; then
+            result+=("$(basename "$dir")")
+        fi
+    done < <(find "$base_dir" -maxdepth 1 -type d ! -path "$base_dir" -print0 2>/dev/null)
+    
+    # 输出结果
+    if [[ ${#result[@]} -gt 0 ]]; then
+        printf '%s\n' "${result[@]}"
+        return 0
+    fi
+    return 1
+}
+
+function apm_run_compgen(){
+    result=$(find_directories_without_ace_env "$primary_dir")
+
+    if [[ -n "$result" ]]; then
+        echo "$result"
+    else
+        result=$(find_directories_without_ace_env "$fallback_dir")
+        if [[ -n "$result" ]]; then
+            echo "$result"
+        else
+            echo ""
+        fi
+    fi
+}
+
+# 获取当前命令的参数位置
+get_arg_position() {
+    local cmd="$1"
+    local pos=0
+    local found_cmd=0
+    
+    for (( i=1; i < ${#words[@]}; i++ )); do
+        if [[ $found_cmd -eq 0 ]]; then
+            if [[ "${words[i]}" == "$cmd" ]]; then
+                found_cmd=1
+            fi
+        else
+            # 跳过选项参数（以-开头）
+            if [[ "${words[i]}" != -* ]]; then
+                ((pos++))
+            fi
+        fi
+    done
+    echo $pos
+}
+
+    # specific command arguments
+    if [[ -n $command ]]; then
+        # 获取参数位置
+        local arg_pos=$(get_arg_position "$command")
+        
+        case $command in
+            remove|purge|autoremove)
+                # 第一个参数匹配包名
+                if [[ $arg_pos -eq 1 ]]; then
+                    COMPREPLY=( $( compgen -W "$(ls /var/lib/apm/apm/files/ace-env/var/lib/apm/ )" "$cur" ) )
+                fi
+                return 0
+                ;;
+            show|list|download|changelog|depends|rdepends)
+                # 第一个参数匹配包名
+                if [[ $arg_pos -eq 1 ]]; then
+                    COMPREPLY=( $( amber-pm-debug apt-cache --no-generate pkgnames "$cur" -o Dir::Cache="/var/lib/aptss/"  \
+                        2> /dev/null ) )
+                fi
+                return 0
+                ;;
+            install)
+                # 第一个参数匹配包名
+                if [[ $arg_pos -eq 1 ]]; then
+                    COMPREPLY=( $( amber-pm-debug apt-cache --no-generate pkgnames "$cur" -o Dir::Cache="/var/lib/aptss/"  \
+                        2> /dev/null ) )
+                    if [[ "$cur" == ./* || "$cur" == /* ]]; then
+                        _filedir "deb"
+                    fi
+                fi
+                return 0
+                ;;
+            source|build-dep|showsrc|policy)
+                # 第一个参数匹配包名
+                if [[ $arg_pos -eq 1 ]]; then
+                    COMPREPLY=( $( amber-pm-debug apt-cache --no-generate pkgnames "$cur" -o Dir::Cache="/var/lib/aptss/"  \
+                        2> /dev/null ) $( apt-cache dumpavail -o Dir::Cache="/var/lib/aptss/"  | \
+                        command grep "^Source: $cur" | sort -u | cut -f2 -d" " ) )
+                fi
+                return 0
+                ;;
+            run|sandbox-run|bwrap-run)
+                # 第一个参数匹配包名
+                if [[ $arg_pos -eq 1 ]]; then
+                    COMPREPLY=( $( compgen -W "$(apm_run_compgen)" "$cur" ) )
+                # 第二个及以后参数匹配文件
+                elif [[ $arg_pos -ge 2 ]]; then
+                    _filedir
+                fi
+                return 0
+                ;;
+            launch)
+                # 第一个参数匹配包名
+                if [[ $arg_pos -eq 1 ]]; then
+                    COMPREPLY=( $( compgen -W "$(apm_run_compgen)" "$cur" ) )
+                # 第二个及以后参数匹配文件
+                elif [[ $arg_pos -ge 2 ]]; then
+                    _filedir
+                fi
+                return 0
+                ;;
+            ssaudit)
+                # ssaudit 命令总是匹配文件
+                _filedir
+                return 0
+                ;;
+            ssinstall)
+                # ssinstall 命令总是匹配文件
+                _filedir
+                return 0
+                ;;
+        esac
+    fi
+
+    # no command yet, show what commands we have
+    if [ "$command" = "" ]; then
+        COMPREPLY=( $( compgen -W '${COMMANDS[@]}' -- "$cur" ) )
+    fi
+
+    return 0
+} &&
+complete -F _apm apm
+
+# ex: ts=4 sw=4 et filetype=sh
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
+<policyconfig>
+    <vendor>Flamescion</vendor>
+    <icon_name>x-package-repository</icon_name>
+    <action id="store.spark-app.apm-uninstaller">
+        <description>运行justinstallme需要权限</description>
+        <message>要使用ssinstall需要权限</message>
+        <defaults>
+            <allow_any>yes</allow_any>
+            <allow_inactive>yes</allow_inactive>
+            <allow_active>yes</allow_active>
+        </defaults>
+        <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/amber-pm-app-uninstaller</annotate>
+        <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
+    </action>
+</policyconfig>
@@ -0,0 +1,191 @@
+#compdef apm
+
+local context state line
+local -a commands options
+
+# 定义命令列表
+commands=(  
+  'ssaudit:使用 ssaudit 进行本地软件安装'
+  'ssinstall:使用 ssinstall 进行本地软件安装'
+  'launch:启动软件包（通过应用启动器）'
+  'list:查看可用软件包信息'
+  'search:搜索软件包'
+  'show:展示包信息'
+  'showsrc:展示源码包信息'
+  'install:安装软件包'
+  'remove:卸载软件包'
+  'purge:彻底卸载软件包'
+  'autoremove:自动移除不需要的包'
+  'autopurge:自动彻底移除不需要的包'
+  'update:更新软件包信息'
+  'upgrade:升级软件包'
+  'full-upgrade:升级全部软件包'
+  'dist-upgrade:分发升级'
+  'run:运行指定软件包的可执行文件'
+  'sandbox-run:运行指定软件包的可执行文件（主目录沙箱化）'
+  'bwrap-run:运行指定软件包的可执行文件（使用 bwrap）'
+  'help:显示帮助信息'
+  'source:获取源码包'
+  'build-dep:安装构建依赖'
+  'clean:清除缓存软件包'
+  'autoclean:自动清除缓存软件包'
+  'download:下载包'
+  'changelog:查看包的变更日志'
+  'amber:彩蛋功能'
+  'xmp360:彩蛋功能'
+  'bronya:彩蛋功能'
+  'debug:显示调试系统信息并进入调试环境'
+  'depends:查看包依赖'
+  'rdepends:查看反向依赖'
+  'policy:查看包策略'
+)
+
+# 定义通用选项
+options=(  
+  '-h[显示帮助信息]'
+  '--help[显示帮助信息]'
+  '--help-all[显示完整帮助信息]'
+  '-v[展示APM版本号]'
+  '--version[展示APM版本号]'
+)
+
+# 定义命令特定选项
+local -A command_options
+command_options=(  
+  'install' '-d[仅下载不安装] --download-only[仅下载不安装] -y[自动回答是] --assume-yes[自动回答是] --assume-no[自动回答否] -u[显示已升级的包] --show-upgraded[显示已升级的包] -m[忽略缺失的包] --ignore-missing[忽略缺失的包] -t[指定目标发行版] --target-release[指定目标发行版] --download[下载] --fix-missing[修复缺失的包] --ignore-hold[忽略被锁定的包] --upgrade[升级] --only-upgrade[仅升级] --allow-change-held-packages[允许更改被锁定的包] --allow-remove-essential[允许移除 essential 包] --allow-downgrades[允许降级] --print-uris[打印 URI] --trivial-only[仅处理简单的升级] --remove[移除] --arch-only[仅处理架构相关的包] --allow-unauthenticated[允许未认证的包] --allow-insecure-repositories[允许不安全的仓库] --install-recommends[安装推荐的包] --install-suggests[安装建议的包] --no-install-recommends[不安装推荐的包] --no-install-suggests[不安装建议的包] --fix-policy[修复策略] --show-progress[显示进度] --fix-broken[修复损坏的包] --purge[彻底移除] --verbose-versions[显示详细版本信息] --auto-remove[自动移除不需要的包] -s[模拟运行] --simulate[模拟运行] --dry-run[模拟运行] --force-yes[强制回答是] --reinstall[重新安装] --solver[指定解算器]'
+  'remove' '-d[仅下载不安装] --download-only[仅下载不安装] -y[自动回答是] --assume-yes[自动回答是] --assume-no[自动回答否] -u[显示已升级的包] --show-upgraded[显示已升级的包] -m[忽略缺失的包] --ignore-missing[忽略缺失的包] -t[指定目标发行版] --target-release[指定目标发行版] --download[下载] --fix-missing[修复缺失的包] --ignore-hold[忽略被锁定的包] --upgrade[升级] --only-upgrade[仅升级] --allow-change-held-packages[允许更改被锁定的包] --allow-remove-essential[允许移除 essential 包] --allow-downgrades[允许降级] --print-uris[打印 URI] --trivial-only[仅处理简单的升级] --remove[移除] --arch-only[仅处理架构相关的包] --allow-unauthenticated[允许未认证的包] --allow-insecure-repositories[允许不安全的仓库] --install-recommends[安装推荐的包] --install-suggests[安装建议的包] --no-install-recommends[不安装推荐的包] --no-install-suggests[不安装建议的包] --fix-policy[修复策略] --show-progress[显示进度] --fix-broken[修复损坏的包] --purge[彻底移除] --verbose-versions[显示详细版本信息] --auto-remove[自动移除不需要的包] -s[模拟运行] --simulate[模拟运行] --dry-run[模拟运行] --force-yes[强制回答是] --reinstall[重新安装] --solver[指定解算器]'
+  'update' '--list-cleanup[清理列表] --print-uris[打印 URI] --allow-insecure-repositories[允许不安全的仓库]'
+  'list' '--installed[显示已安装的包] --upgradable[显示可升级的包] --manual-installed[显示手动安装的包] -v[详细输出] --verbose[详细输出] -a[显示所有版本] --all-versions[显示所有版本] -t[指定目标发行版] --target-release[指定目标发行版]'
+  'show' '-a[显示所有版本] --all-versions[显示所有版本]'
+  'depends' '-i[重要依赖] --important[重要依赖] --installed[已安装的依赖] --pre-depends[预依赖] --depends[依赖] --recommends[推荐依赖] --suggests[建议依赖] --replaces[替换] --breaks[破坏] --conflicts[冲突] --enhances[增强] --recurse[递归] --implicit[隐式依赖]'
+  'rdepends' '-i[重要依赖] --important[重要依赖] --installed[已安装的依赖] --pre-depends[预依赖] --depends[依赖] --recommends[推荐依赖] --suggests[建议依赖] --replaces[替换] --breaks[破坏] --conflicts[冲突] --enhances[增强] --recurse[递归] --implicit[隐式依赖]'
+  'search' '-n[仅按名称搜索] --names-only[仅按名称搜索] -f[完整搜索] --full[完整搜索]'
+  'showsrc' '--only-source[仅源码]'
+  'source' '-d[仅下载不安装] --download-only[仅下载不安装] -y[自动回答是] --assume-yes[自动回答是] --assume-no[自动回答否] -u[显示已升级的包] --show-upgraded[显示已升级的包] -m[忽略缺失的包] --ignore-missing[忽略缺失的包] -t[指定目标发行版] --target-release[指定目标发行版] --download[下载] --fix-missing[修复缺失的包] --ignore-hold[忽略被锁定的包] --upgrade[升级] --only-upgrade[仅升级] --allow-change-held-packages[允许更改被锁定的包] --allow-remove-essential[允许移除 essential 包] --allow-downgrades[允许降级] --print-uris[打印 URI] --trivial-only[仅处理简单的升级] --remove[移除] --arch-only[仅处理架构相关的包] --allow-unauthenticated[允许未认证的包] --allow-insecure-repositories[允许不安全的仓库] --install-recommends[安装推荐的包] --install-suggests[安装建议的包] --no-install-recommends[不安装推荐的包] --no-install-suggests[不安装建议的包] --fix-policy[修复策略] -s[模拟运行] --simulate[模拟运行] --dry-run[模拟运行] -b[编译] --compile[编译] --build[编译] -P[构建配置文件] --build-profiles[构建配置文件] --diff-only[仅差异] --debian-only[仅 Debian] --tar-only[仅 tar] --dsc-only[仅 dsc]'
+  'build-dep' '-d[仅下载不安装] --download-only[仅下载不安装] -y[自动回答是] --assume-yes[自动回答是] --assume-no[自动回答否] -u[显示已升级的包] --show-upgraded[显示已升级的包] -m[忽略缺失的包] --ignore-missing[忽略缺失的包] -t[指定目标发行版] --target-release[指定目标发行版] --download[下载] --fix-missing[修复缺失的包] --ignore-hold[忽略被锁定的包] --upgrade[升级] --only-upgrade[仅升级] --allow-change-held-packages[允许更改被锁定的包] --allow-remove-essential[允许移除 essential 包] --allow-downgrades[允许降级] --print-uris[打印 URI] --trivial-only[仅处理简单的升级] --remove[移除] --arch-only[仅处理架构相关的包] --allow-unauthenticated[允许未认证的包] --allow-insecure-repositories[允许不安全的仓库] --install-recommends[安装推荐的包] --install-suggests[安装建议的包] --no-install-recommends[不安装推荐的包] --no-install-suggests[不安装建议的包] --fix-policy[修复策略] -a[主机架构] --host-architecture[主机架构] -s[模拟运行] --simulate[模拟运行] --dry-run[模拟运行] -P[构建配置文件] --build-profiles[构建配置文件] --purge[彻底移除] --solver[指定解算器]'
+  'clean' '-s[模拟运行] --simulate[模拟运行] --dry-run[模拟运行]'
+  'autoclean' '-s[模拟运行] --simulate[模拟运行] --dry-run[模拟运行]'
+)
+
+# 定义目录路径
+local primary_dir="/var/lib/apm/apm/files/ace-env/var/lib/apm/"
+local fallback_dir="/var/lib/apm/"
+
+# 查找不包含特定子目录的目录
+function find_directories_without_ace_env() {
+  local base_dir="$1"
+  local result=()
+  
+  # 检查基础目录是否存在
+  if [[ ! -d "$base_dir" ]]; then
+    return 1
+  fi
+  
+  # 查找所有直接子目录，排除包含ace-env子目录的目录
+  for dir in "$base_dir"/*; do
+    if [[ -d "$dir" ]] && [[ ! -d "$dir/files/ace-env" ]]; then
+      result+=("$(basename "$dir")")
+    fi
+  done
+  
+  # 输出结果
+  if [[ ${#result[@]} -gt 0 ]]; then
+    print -l "${result[@]}"
+    return 0
+  fi
+  return 1
+}
+
+function apm_run_compgen() {
+  local result
+  result=$(find_directories_without_ace_env "$primary_dir")
+
+  if [[ -n "$result" ]]; then
+    echo "$result"
+  else
+    result=$(find_directories_without_ace_env "$fallback_dir")
+    if [[ -n "$result" ]]; then
+      echo "$result"
+    else
+      echo ""
+    fi
+  fi
+}
+
+# 主完成函数
+_arguments -C \
+  "$options[@]" \
+  '*:: :->command'
+
+case $state in
+  command)
+    if (( CURRENT == 1 )); then
+      _describe 'command' commands
+    else
+      local cmd="${words[1]}"
+      local arg_pos=0
+      local found_cmd=0
+      
+      for (( i=1; i < CURRENT; i++ )); do
+        if [[ $found_cmd -eq 0 ]]; then
+          if [[ "${words[i]}" == "$cmd" ]]; then
+            found_cmd=1
+          fi
+        else
+          # 跳过选项参数（以-开头）
+          if [[ "${words[i]}" != -* ]]; then
+            ((arg_pos++))
+          fi
+        fi
+      done
+      
+      # 处理命令特定的选项
+      if [[ -n "${command_options[$cmd]}" ]]; then
+        _arguments "${(s: :)command_options[$cmd]}"
+      fi
+      
+      # 处理命令特定的参数
+      case $cmd in
+        remove|purge|autoremove|autopurge)
+          if [[ $arg_pos -eq 1 ]]; then
+            _files -W "$primary_dir" -/n
+          fi
+          ;;
+        show|list|download|changelog|depends|rdepends|policy)
+          if [[ $arg_pos -eq 1 ]]; then
+            local packages
+            packages=($(amber-pm-debug apt-cache --no-generate pkgnames "$PREFIX" -o Dir::Cache="/var/lib/aptss/" 2> /dev/null))
+            _describe 'package' packages
+          fi
+          ;;
+        install)
+          if [[ $arg_pos -eq 1 ]]; then
+            local packages
+            packages=($(amber-pm-debug apt-cache --no-generate pkgnames "$PREFIX" -o Dir::Cache="/var/lib/aptss/" 2> /dev/null))
+            _describe 'package' packages
+            _files -g "*.deb"
+          fi
+          ;;
+        source|build-dep|showsrc)
+          if [[ $arg_pos -eq 1 ]]; then
+            local packages
+            packages=($(amber-pm-debug apt-cache --no-generate pkgnames "$PREFIX" -o Dir::Cache="/var/lib/aptss/" 2> /dev/null))
+            _describe 'package' packages
+          fi
+          ;;
+        run|sandbox-run|bwrap-run|launch)
+          if [[ $arg_pos -eq 1 ]]; then
+            local packages
+            packages=($(apm_run_compgen))
+            _describe 'package' packages
+          elif [[ $arg_pos -ge 2 ]]; then
+            _files
+          fi
+          ;;
+        ssaudit|ssinstall)
+          _files
+          ;;
+      esac
+    fi
+    ;;
+esac
@@ -0,0 +1,214 @@
+#!/bin/bash
+
+function bash(){
+/usr/bin/bash --rcfile <(cat ~/.bashrc; echo "PS1=\"\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@Amber-PM \[\e[36;40m\]\w\[\e[0m\]]\\\$ \"") $@
+}
+export -f bash
+function ensure_dir() {
+    local dir="$1"
+    
+    # 检查目录是否为空
+    if [ -z "$dir" ]; then
+        echo "错误: 目录路径不能为空"
+        return 1
+    fi
+    
+    # 检查目录是否存在
+    if [ ! -d "$dir" ]; then
+        echo "目录 '$dir' 不存在，正在创建..."
+        if mkdir -p "$dir"; then
+            echo "成功创建目录 '$dir'"
+            return 0
+        else
+            echo "错误: 无法创建目录 '$dir'"
+            return 1
+        fi
+    else
+        return 0
+    fi
+}
+
+chrootEnvPath="${chrootEnvPath:-$(dirname $0)/ace-env}"
+
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
+APM_PKG_NAME="${APM_PKG_NAME:-apm-general}"
+
+non_root_user=$(who  | awk '{print $1}' | head -n 1)
+uid=$(id -u $non_root_user)
+ensure_dir $HOME/.apm/${APM_PKG_NAME}/
+
+# 根据沙盒模式决定是否创建其他目录
+if [ "${APM_USE_SANDBOX:-0}" = "1" ]; then
+    ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir DESKTOP))
+    ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir DOCUMENTS))
+    ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir PICTURES))
+    ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir DOWNLOAD))
+    ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir VIDEOS))
+    ensure_dir $HOME/.apm/${APM_PKG_NAME}/$(basename $(xdg-user-dir MUSIC))
+fi
+
+if [ $# -eq 0 ]; then
+    container_command="bash"
+else
+    # 正确转义所有参数，处理空格和特殊字符
+    container_command=""
+    for arg in "$@"; do
+        # 使用 printf %q 进行安全的 shell 转义
+        escaped_arg="$(printf "%q" "$arg")"
+        container_command="${container_command} ${escaped_arg}"
+    done
+    container_command="${container_command# }"  # 移除开头的空格
+fi
+
+#########################################################################################
+##########合成bwrap 1. 基础函数配置段
+# 初始化 EXEC_COMMAND 为 bwrap 基础指令
+EXEC_COMMAND="bwrap --dev-bind / / "
+
+# add_command 函数定义
+function add_command() {
+    # 参数拼接，考虑到转义和空格的处理
+    for arg in "$@"; do
+        EXEC_COMMAND="${EXEC_COMMAND} ${arg}"
+    done
+}
+
+function add_env_var() {
+    local var_name="${1}"
+    local var_value="${2}"
+    if [ "$var_value" != "" ]; then    
+	add_command "--setenv $var_name $var_value"
+	
+    fi
+}
+##########合成bwrap 2. 特殊需求函数配置段
+function cursor_theme_dir_integration() {
+
+local directory=""
+if [ "$(id -u)" = "0" ]; then #####We don't want bother root to install themes,but will try to fix the unwriteable issue
+	mkdir -p $chrootEnvPath/usr/share/icons
+	chmod 777 -R $chrootEnvPath/usr/share/icons
+	return
+fi
+
+for directory in "/usr/share/icons"/*; do
+    # 检查是否为目录
+    if [ -d "$directory" ]; then
+        # 检查目录中是否存在 cursors 文件
+        if [ -d "$directory/cursors" ]; then
+        	if [ -w $chrootEnvPath/usr/share/icons ];then
+			add_command "--ro-bind-try $directory $directory"
+		fi
+        fi
+    fi
+done
+}
+##########合成bwrap 3. 环境变量和目录绑定配置段
+# 添加环境变量和其他初始设置
+ENV_VARS=(
+    "FAKEROOTDONTTRYCHOWN 1"
+    "PULSE_SERVER /run/user/\$uid/pulse/native"
+    "PATH $APM_CONTAINER_PATH"
+    "IS_ACE_ENV 1"
+    "GTK_USE_PORTAL 1"
+    "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS"
+    "XCURSOR_PATH /host/usr/share/icons:/host/usr/share/cursors:/usr/share/icons:/usr/share/cursors:\$XCURSOR_PATH"
+)
+
+# 基础绑定目录（始终绑定）
+BASE_BIND_DIRS=(
+    "--dev-bind $chrootEnvPath/ /"
+    "--dev-bind-try /media /media"
+    "--dev-bind-try /mnt /mnt"
+    "--dev-bind-try /tmp /tmp"
+    "--dev-bind-try /data /data"
+    "--dev-bind-try /dev /dev"
+    "--proc /proc"
+    "--dev-bind /sys /sys"
+    "--dev-bind /run /run"
+    "--dev-bind-try /run/user/\$uid/pulse /run/user/\$uid/pulse"
+    "--dev-bind / /host"
+    "--dev-bind-try /etc/resolv.conf /etc/resolv.conf"
+    "--dev-bind-try /usr/share/icons /usr/local/share/icons"
+    "--dev-bind-try /usr/share/fonts /usr/local/share/fonts"
+    "--dev-bind-try /usr/share/themes /usr/share/themes"
+    "--dev-bind-try /home /home"
+    "--dev-bind-try $HOME/.apm/${APM_PKG_NAME}/.deepinwine $HOME/.deepinwine"
+)
+
+# 沙盒模式下的额外绑定目录
+SANDBOX_BIND_DIRS=(
+    "--dev-bind-try $HOME/.apm/${APM_PKG_NAME}/ $HOME/"
+    "--dev-bind-try $(xdg-user-dir DESKTOP) $(xdg-user-dir DESKTOP)"
+    "--dev-bind-try $(xdg-user-dir DOCUMENTS) $(xdg-user-dir DOCUMENTS)"
+    "--dev-bind-try $(xdg-user-dir PICTURES) $(xdg-user-dir PICTURES)"
+    "--dev-bind-try $(xdg-user-dir DOWNLOAD) $(xdg-user-dir DOWNLOAD)"
+    "--dev-bind-try $(xdg-user-dir VIDEOS) $(xdg-user-dir VIDEOS)"
+    "--dev-bind-try $(xdg-user-dir MUSIC) $(xdg-user-dir MUSIC)"
+)
+
+# 非沙盒模式下的绑定目录（只绑定.deepinwine）
+NON_SANDBOX_BIND_DIRS=(
+    "--dev-bind-try $HOME/.deepinwine $HOME/.deepinwine"
+)
+
+# 根据 APM_USE_BWRAP 决定是否添加 CAP_SYS_ADMIN
+# 为修复Steam问题，强制都不加
+EXTRA_ARGS=()
+#if [ "${APM_USE_BWRAP:-0}" != "1" ]; then
+#    EXTRA_ARGS=(
+#        "--cap-add CAP_SYS_ADMIN"
+#    )
+#fi
+
+EXTRA_SCRIPTS=(
+#    cursor_theme_dir_integration
+)
+
+##########合成bwrap 4. 合成并执行指令
+# 逐一添加到 EXEC_COMMAND
+for var in "${ENV_VARS[@]}"; do
+    add_env_var $var
+done
+
+# 添加基础绑定目录
+for var in "${BASE_BIND_DIRS[@]}"; do
+    add_command "$var"
+done
+
+# 根据沙盒模式添加不同的绑定目录
+if [ "${APM_USE_SANDBOX:-0}" = "1" ]; then
+    for var in "${SANDBOX_BIND_DIRS[@]}"; do
+        add_command "$var"
+    done
+else
+    for var in "${NON_SANDBOX_BIND_DIRS[@]}"; do
+        add_command "$var"
+    done
+fi
+
+# 添加额外参数
+for var in "${EXTRA_ARGS[@]}"; do
+    add_command "$var"
+done
+
+for var in "${EXTRA_SCRIPTS[@]}"; do
+    $var
+done
+
+# 添加最终的 bash 命令
+add_command "bash -c \"${container_command}\""
+
+# 输出完整的 EXEC_COMMAND 以查看
+# echo "${EXEC_COMMAND}"
+
+# 注意: 实际执行时，请确保所有变量（如 $uid, $chrootEnvPath 等）都已正确定义
+eval "${EXEC_COMMAND}"
@@ -0,0 +1,149 @@
+#!/bin/bash
+
+bash(){
+/usr/bin/bash --rcfile <(cat ~/.bashrc; echo "PS1=\"\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@Amber-PM \[\e[36;40m\]\w\[\e[0m\]]\\\$ \"") $@
+}
+export -f bash
+
+chrootEnvPath="${chrootEnvPath:-$(pwd)/ace-env}"
+
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
+
+non_root_user=$(who  | awk '{print $1}' | head -n 1)
+uid=$(id -u $non_root_user)
+
+
+#### This part is for args pharm
+if [ "$1" = "" ];then
+container_command="bash"
+else
+container_command="$1"
+shift
+for arg in "$@"; do
+        arg="$(echo "${arg}x" | sed 's|'\''|'\'\\\\\'\''|g')"
+        arg="${arg%x}"
+        container_command="${container_command} '${arg}'"
+done
+fi
+#########################################################################################
+##########合成bwrap 1. 基础函数配置段
+# 初始化 EXEC_COMMAND 为 bwrap 基础指令
+EXEC_COMMAND="bwrap --dev-bind / / "
+
+# add_command 函数定义
+function add_command() {
+    # 参数拼接，考虑到转义和空格的处理
+    for arg in "$@"; do
+        EXEC_COMMAND="${EXEC_COMMAND} ${arg}"
+    done
+}
+
+function add_env_var() {
+    local var_name="${1}"
+    local var_value="${2}"
+    if [ "$var_value" != "" ]; then    
+	add_command "--setenv $var_name $var_value"
+	
+    fi
+}
+##########合成bwrap 2. 特殊需求函数配置段
+function cursor_theme_dir_integration() {
+
+local directory=""
+if [ "$(id -u)" = "0" ]; then #####We don't want bother root to install themes,but will try to fix the unwriteable issue
+	mkdir -p $chrootEnvPath/usr/share/icons
+	chmod 777 -R $chrootEnvPath/usr/share/icons
+	return
+fi
+
+for directory in "/usr/share/icons"/*; do
+    # 检查是否为目录
+    if [ -d "$directory" ]; then
+        # 检查目录中是否存在 cursors 文件
+        if [ -d "$directory/cursors" ]; then
+        	if [ -w $chrootEnvPath/usr/share/icons ];then
+			add_command "--ro-bind-try $directory $directory"
+		fi
+        fi
+    fi
+done
+
+
+
+
+
+
+
+}
+##########合成bwrap 3. 环境变量和目录绑定配置段
+# 添加环境变量和其他初始设置
+ENV_VARS=(
+    "FAKEROOTDONTTRYCHOWN 1"
+    "PULSE_SERVER /run/user/\$uid/pulse/native"
+    "PATH $APM_CONTAINER_PATH"
+    "IS_ACE_ENV 1"
+    "GTK_USE_PORTAL 1"
+    "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS"
+)
+
+BIND_DIRS=(
+    "--dev-bind $chrootEnvPath/ /"
+    "--dev-bind-try /media /media"
+    "--dev-bind-try /root /root"
+    "--dev-bind-try /www /www"
+    "--dev-bind-try /mnt /mnt"
+    "--dev-bind-try /tmp /tmp"
+    "--dev-bind-try /data /data"
+    "--dev-bind-try /dev /dev"
+    "--proc /proc"
+    "--dev-bind /sys /sys"
+    "--dev-bind /run /run"
+    "--dev-bind-try /run/user/\$uid/pulse /run/user/\$uid/pulse"
+    "--dev-bind / /host"
+    "--dev-bind-try /etc/resolv.conf /etc/resolv.conf"
+    "--dev-bind-try /home /home"
+)
+EXTRA_ARGS=(
+#    "--hostname Amber-PM"
+#    "--unshare-uts"
+#    "--cap-add CAP_SYS_ADMIN"
+)
+
+EXTRA_SCRIPTS=(
+#    cursor_theme_dir_integration
+)
+
+##########合成bwrap 4. 合成并执行指令
+# 逐一添加到 EXEC_COMMAND
+for var in "${ENV_VARS[@]}"; do
+    add_env_var $var
+done
+
+for var in "${BIND_DIRS[@]}"; do
+    add_command "$var"
+done
+
+for var in "${EXTRA_ARGS[@]}"; do
+    add_command "$var"
+done
+
+for var in "${EXTRA_SCRIPTS[@]}"; do
+    $var
+done
+
+# 添加最终的 bash 命令
+add_command "bash -c \"${container_command}\""
+
+# 输出完整的 EXEC_COMMAND 以查看
+# echo "${EXEC_COMMAND}"
+
+# 注意: 实际执行时，请确保所有变量（如 $uid, $chrootEnvPath 等）都已正确定义
+eval ${EXEC_COMMAND}
@@ -0,0 +1,9 @@
+Package: ace-host-integration
+Version: 1.2.2
+Section: misc
+Priority: optional
+Depends: bash
+Maintainer: shenmo <shenmo@spark-app.store>
+Architecture: all
+Conflicts: apm
+Description: ace-host-integration
@@ -0,0 +1,4 @@
+#!/bin/bash
+if [ "${1}" = "triggered" ];then
+/opt/ace-host-integration/ace-host-integration
+fi
@@ -0,0 +1,2 @@
+interest-noawait /var/lib/apm
+interest-noawait /usr/share/applications
@@ -0,0 +1 @@
+IS_ACE_ENV=1
@@ -0,0 +1,98 @@
+#!/bin/bash
+# ===== Log =====
+# log.info xxx
+# log.warn xxx
+# log.info xxx
+# log.debug xxx
+# 带颜色的echo
+function log.color_output() {
+    local color=$1
+    shift 1
+
+    echo >&2 -e "\033[${color}m$@\033[0m"
+    return 0
+}
+
+# Log is named without prefix "utils." for convenience
+# Usage: log.log <level> ...content
+function log.log() {
+    if [[ $# < 2 ]]; then
+        return -1
+    fi
+
+    local level=$1
+    shift 1
+
+    case $level in
+    error) log.color_output "0;31" "[ERROR] $@" ;;
+    warn) log.color_output "1;33" "[WARN] $@" ;;
+    info) log.color_output "1;37" "[INFO] $@" ;;
+    debug) log.color_output "1;30" "[DEBUG] $@" ;;
+    esac
+
+    return 0
+}
+
+function log.error() { log.log "error" "$@"; }
+function log.warn() { log.log "warn" $@; }
+function log.info() { log.log "info" $@; }
+function log.debug() { log.log "debug" $@; }
+
+function do_integrate(){
+    local file=$1
+    if [ -f "$file" ]; then
+        # 获取文件名（不带.desktop后缀）作为X-AMBER-CE-DESKTOP-NAME的值
+        local desktop_name=$(basename "$file" .desktop)
+        
+        # 检查是否已经处理过（通过检查X-AMBER-CE-DESKTOP-NAME字段）
+        if ! grep -q "^X-AMBER-CE-DESKTOP-NAME=" "$file"; then
+            echo "$file is detected. Processing host system integration..."
+            
+            # 修改Exec行（如果尚未修改）
+            if ! grep -q "^Exec=apm-debug " "$file"; then
+                sed -i 's|^Exec=\(.*\)|Exec=apm-debug \1|' "$file"
+            fi
+            
+            # 删除TryExec行
+            sed -i '/^TryExec=/d' "$file"
+            
+            # 修改Name行（包括本地化Name）
+            sed -i '/^Name=/ s/$/ (Amber-PM)/' "$file"
+            sed -i "/^Name\[${LANGUAGE}\]=/ s/\$/ (Amber-PM)/" "$file"
+            
+            # 修改GenericName行（包括本地化GenericName）
+            sed -i '/^GenericName=/ s/$/ (Amber-PM)/' "$file"
+            sed -i "/^GenericName\[${LANGUAGE}\]=/ s/\$/ (Amber-PM)/" "$file"
+            
+            # 添加X-AMBER-CE-DESKTOP-NAME字段
+            echo "X-AMBER-CE-DESKTOP-NAME=${desktop_name}" >> "$file"
+            
+            # 处理Icon行
+            icon_line=$(grep "^Icon=" "$file")
+            if [[ "$icon_line" == "Icon=/"* ]]; then
+                # 如果Icon=后面接的是/，则添加前缀
+                sed -i 's|^Icon=/|Icon=/lib/apm/apm/files/ace-env/|' "$file"
+            fi
+        fi
+    fi
+    chmod +x "$file"
+}
+
+if [ "${IS_ACE_ENV}" != "" ]; then
+    if [ -e /opt/apps/ ]; then
+        for app_dir in $(/apm/); do
+            for file in /opt/apps/$app_dir/entries/applications/*.desktop; do
+                do_integrate "$file"
+            done
+        done
+    else
+        log.warn "No /opt/apps directory. Skip..."
+    fi
+    
+    for file in /usr/share/applications/*.desktop; do
+        do_integrate "$file"
+    done
+    find "/usr/share/applications/" -xtype l -delete
+else
+    log.error "DO NOT run me on host OS"
+fi
@@ -0,0 +1,176 @@
+#!/bin/bash
+
+
+
+
+#############################################################
+# ===== Log =====
+# log.info xxx
+# log.warn xxx
+# log.info xxx
+# log.debug xxx
+# 带颜色的echo
+function log.color_output() {
+    local color=$1
+    shift 1
+
+    echo >&2 -e "\033[${color}m$@\033[0m"
+    return 0
+}
+
+# Log is named without prefix "utils." for convenience
+# Usage: log.log <level> ...content
+function log.log() {
+    if [[ $# < 2 ]]; then
+        return -1
+    fi
+
+    local level=$1
+    shift 1
+
+    case $level in
+    error) log.color_output "0;31" "[ERROR] $@" ;;
+    warn) log.color_output "1;33" "[WARN] $@" ;;
+    info) log.color_output "1;37" "[INFO] $@" ;;
+    debug) log.color_output "1;30" "[DEBUG] $@" ;;
+    esac
+
+    return 0
+}
+
+function log.error() { log.log "error" "$@"; }
+function log.warn() { log.log "warn" $@; }
+function log.info() { log.log "info" $@; }
+function log.debug() { log.log "debug" $@; }
+
+
+# 发送通知
+function notify-send() {
+
+
+    # Detect user using the display
+    local user=$(who | awk '{print $1}' | head -n 1)
+
+    # Detect uid of the user
+    local uid=$(id -u $user)
+    log.debug "User is $user and the uid of it is $uid"
+    sudo -u $user  DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/${uid}/bus notify-send $@
+}
+
+
+# 检测网络链接畅通
+function network-check()
+{
+    # 超时时间
+    local timeout=15
+
+    # 目标网站
+    local target=www.baidu.com
+
+    # 获取响应状态码
+    local ret_code=`curl -I -s --connect-timeout ${timeout} ${target} -w %{http_code} | tail -n1`
+
+    if [ "x$ret_code" = "x200" ] ; then
+        # 网络畅通
+        return 0
+    else
+        # 网络不畅通
+        return 1
+    fi
+}
+###############################################################
+
+if [ "$(id -u)" != "0" ]; then
+log.error "Nope we need root to run"
+exit -1
+fi
+
+network-check
+if [ $? -ne 0 ] ; then
+    log.error "NETWORK_FAIL"
+    exit -1
+fi
+
+# The code above is modified from https://blog.csdn.net/yaxuan88521/article/details/120516298
+
+
+
+
+if command -v aptss  ;then
+APT_COMMAND=aptss
+/usr/bin/apt update
+log.info "Using aptss to operate the upgrade process since we detect it."
+elif [ -e /usr/bin/apt ];then
+APT_COMMAND=/usr/bin/apt
+log.info "Using apt to operate the upgrade process."
+else
+log.error "Nope we support debian only now"
+exit -1
+fi
+${APT_COMMAND} clean
+${APT_COMMAND} update
+
+updatetext=`${APT_COMMAND} update 2>&1`
+
+until [ "`echo $updatetext | grep E: `" = "" ];do
+log.info "UPDATE_ERROR_AND_WAIT_15_SEC"
+sleep 15
+updatetext=`${APT_COMMAND} update 2>&1`
+
+
+
+done
+
+
+# 获取可升级包的数量
+update_app_number=$(env LANGUAGE=en_US ${APT_COMMAND} list --upgradable 2>/dev/null | grep -c upgradable)
+
+if [ "$update_app_number" -le 0 ] ; then
+    exit 0
+fi
+
+# 获取用户选择的要更新的应用
+PKG_LIST="$(env LANGUAGE=en_US ${APT_COMMAND} list --upgradable  | awk NR\>1)"
+# 指定分隔符为 \n
+IFS_OLD="$IFS"
+IFS=$'\n'
+
+for line in $PKG_LIST ; do
+    PKG_NAME=$(echo $line | awk -F ' ' '{print $1}')
+    PKG_NEW_VER=$(echo $line | awk -F ' ' '{print $2}')
+    PKG_CUR_VER=$(echo $line | awk -F ' ' '{print $3}')
+
+#    dpkg --compare-versions $PKG_NEW_VER le $PKG_CUR_VER
+
+#    if [ $? -eq 0 ] ; then
+#        let update_app_number=$update_app_number-1
+#        continue
+#    fi
+
+    ## 检测是否是 hold 状态
+    PKG_STA=$(dpkg-query -W -f='${db:Status-Want}' $PKG_NAME)
+    if [ "$PKG_STA" = "hold" ] ; then
+        let update_app_number=$update_app_number-1
+    fi
+done
+
+# 还原分隔符
+IFS="$IFS_OLD"
+if [ $update_app_number -le 0 ] ; then
+	log.info "No package need to upgrade after ignoring those holded ones. exit"
+    exit 0
+fi
+
+
+## 如果都是hold或者版本一致的那就直接退出，否则把剩余的给提醒了
+
+
+user=$(who | awk '{print $1}' | head -n 1)
+
+	log.info "ACE Amber-PM 环境中有 $update_app_number 个软件包可升级，正在自动升级"
+notify-send -a apm "ACE Amber-PM" "ACE Amber-PM环境中有${update_app_number}个软件包可升级，执行自动升级..."
+
+${APT_COMMAND} clean
+${APT_COMMAND} full-upgrade -y
+${APT_COMMAND} clean
+notify-send -a apm "ACE兼容环境" "自动升级结束"
@@ -0,0 +1 @@
+# File in this dir will be seen as one of  XDG_DATA_DIRS in ACE container.
@@ -0,0 +1,10 @@
+[Desktop Entry]
+Exec=xdg-open %U
+MimeType=x-scheme-handler/spk;inode/directory;application/x-mimearchive;x-scheme-handler/http;x-scheme-handler/https;application/msword;application/vnd.openxmlformats-officedocument.wordprocessingml.document;application/vnd.ms-excel;application/vnd.openxmlformats-officedocument.spreadsheetml.sheet;application/vnd.ms-powerpoint;application/vnd.openxmlformats-officedocument.presentationml.presentation;application/x-gzip;application/zip;application/rar;application/x-tar;application/pdf;application/rtf;image/gif;image/jpeg;image/jp2;image/png;image/tiff;image/bmp;image/svg+xml;image/webp;image/x-icon;application/kswps;application/kset;application/ksdps;application/x-photoshop;application/x-coreldraw;application/x-shockwave-flash;text/plain;application/x-javascript;text/javascript;text/css;text/html;application/xhtml+xml;text/xml;text/x-vcard;application/x-httpd-php;application/java-archive;application/vnd.android.package-archive;application/octet-stream;application/x-x509-user-cert;audio/mpeg;audio/midi;audio/x-wav;audio/x-mpegurl;audio/x-m4a;audio/ogg;audio/x-realaudio;video/mp4;video/mpeg;video/quicktime;video/x-m4v;video/x-ms-wmv;video/x-msvideo;video/webm;video/x-flv;application/xhtml_xml;
+Name=ace-run-in-host-os
+NoDisplay=true
+Terminal=false
+TryExec=
+Type=Application
+Version=1.0
+
@@ -0,0 +1,4 @@
+#!/bin/bash
+### We do not want users to install ACE in ACE.
+echo "Running ACE in ACE is NOT Tested or recommended. Exit"
+exit 1
@@ -0,0 +1,2 @@
+#!/bin/bash
+host-spawn /var/lib/apm/apm/files/bin/ace-run-bwrap "$@"
@@ -0,0 +1,6 @@
+#!/bin/bash
+if [ "$1" = "open" ];then
+xdg-open ${@:2}
+else
+/usr/bin/gio $@
+fi
@@ -0,0 +1,6 @@
+#!/bin/bash
+if [ "$UID" = "0" ];then
+$@
+else
+host-spawn pkexec apm-debug $@
+fi
@@ -0,0 +1,6 @@
+#!/bin/bash
+if [ "$UID" = "0" ];then
+/usr/bin/sudo $@
+else
+host-spawn sudo apm-debug sudo env IS_ACE_ENV="1" PATH="/amber-ce-tools/bin-override:$PATH" "$@"
+fi
@@ -0,0 +1,129 @@
+#!/bin/bash 
+if [ "$IS_ACE_ENV" != "1" ];then
+echo "ONLY RUN ME IN ACE"
+exit
+fi
+
+
+
+        printf "ACE: Setting up sudo...\n"
+        mkdir -p /etc/sudoers.d
+        # Do not check fqdn when doing sudo, it will not work anyways
+        if ! grep -q 'Defaults !fqdn' /etc/sudoers.d/sudoers; then
+                printf "Defaults !fqdn\n" >> /etc/sudoers.d/sudoers
+        fi
+        # Ensure passwordless sudo is set up for user
+        if ! grep -q "\"${container_user_name}\" ALL = (root) NOPASSWD:ALL" /etc/sudoers.d/sudoers; then
+                printf "\"%s\" ALL = (root) NOPASSWD:ALL\n" "${container_user_name}" >> /etc/sudoers.d/sudoers
+        fi
+
+
+
+
+printf "ACE: Setting up groups...\n"
+# If not existing, ensure we have a group for our user.
+if ! grep -q "^${container_user_name}:" /etc/group; then
+        if ! groupadd --force --gid "${container_user_gid}" "${container_user_name}"; then
+                # It may occur that we have users with unsupported user name (eg. on LDAP or AD)
+                # So let's try and force the group creation this way.
+                printf "%s:x:%s:" "${container_user_name}" "${container_user_gid}" >> /etc/group
+        fi
+fi
+
+printf "ACE: Setting up users...\n"
+
+# Setup kerberos integration with the host
+if [ -d "/run/host/var/kerberos" ] &&
+        [ -d "/etc/krb5.conf.d" ] &&
+        [ ! -e "/etc/krb5.conf.d/kcm_default_ccache" ]; then
+
+        cat << EOF > "/etc/krb5.conf.d/kcm_default_ccache"
+# # To disable the KCM credential cache, comment out the following lines.
+[libdefaults]
+    default_ccache_name = KCM:
+EOF
+fi
+
+# If we have sudo/wheel groups, let's add the user to them.
+additional_groups=""
+if grep -q "^sudo" /etc/group; then
+        additional_groups="sudo"
+elif grep -q "^wheel" /etc/group; then
+        additional_groups="wheel"
+fi
+
+# Let's add our user to the container. if the user already exists, enforce properties.
+#
+# In case of AD or LDAP usernames, it is possible we will have a backslach in the name.
+# In that case grep would fail, so we replace the backslash with a point to make the regex work.
+# shellcheck disable=SC1003
+if ! grep -q "^$(printf '%s' "${container_user_name}" | tr '\\' '.'):" /etc/passwd &&
+        ! grep -q "^.*:.*:${container_user_uid}:" /etc/passwd; then
+        if ! useradd \
+                --home-dir "${container_user_home}" \
+                --no-create-home \
+                --groups "${additional_groups}" \
+                --shell "${SHELL:-"/bin/bash"}" \
+                --uid "${container_user_uid}" \
+                --gid "${container_user_gid}" \
+                "${container_user_name}"; then
+
+                printf "Warning: there was a problem setting up the user\n"
+                printf "Warning: trying manual addition\n"
+                printf "%s:x:%s:%s:%s:%s:%s" \
+                        "${container_user_name}" "${container_user_uid}" \
+                        "${container_user_gid}" "${container_user_name}" \
+                        "${container_user_home}" "${SHELL:-"/bin/bash"}" >> /etc/passwd
+                printf "%s::1::::::" "${container_user_name}" >> /etc/shadow
+        fi
+# Ensure we're not using the specified SHELL. Run it only once, so that future
+# user's preferences are not overwritten at each start.
+elif [ ! -e /etc/passwd.done ]; then
+        # This situation is presented when podman or docker already creates the user
+        # for us inside container. We should modify the user's prepopulated shadowfile
+        # entry though as per user's active preferences.
+
+        # If the user was there with a different username, get that username so
+        # we can modify it
+        if ! grep -q "^$(printf '%s' "${container_user_name}" | tr '\\' '.'):" /etc/passwd; then
+                user_to_modify=$(getent passwd "${container_user_uid}" | cut -d: -f1)
+        fi
+
+        if ! usermod \
+                --home "${container_user_home}" \
+                --shell "${SHELL:-"/bin/bash"}" \
+                --groups "${additional_groups}" \
+                --uid "${container_user_uid}" \
+                --gid "${container_user_gid}" \
+                --login "${container_user_name}" \
+                "${user_to_modify:-"${container_user_name}"}"; then
+
+                printf "Warning: there was a problem setting up the user\n"
+        fi
+        touch /etc/passwd.done
+fi
+
+# We generate a random password to initialize the entry for the user and root.
+temporary_password="$(cat /proc/sys/kernel/random/uuid)"
+printf "%s\n%s\n" "${temporary_password}" "${temporary_password}" | passwd root
+printf "%s:%s" "${container_user_name}" "${temporary_password}" | chpasswd -e
+# Delete password for root and user
+printf "%s:" "root" | chpasswd -e
+printf "%s:" "${container_user_name}" | chpasswd -e
+
+mkdir -p /usr/share/fonts
+mkdir -p /usr/share/icons
+mkdir -p /usr/share/themes
+
+## init host-spawn
+unlink /amber-ce-tools/bin-override/host-spawn
+ln -sfv /amber-ce-tools/bin-override/host-spawn-$(uname -m) /amber-ce-tools/bin-override/host-spawn
+
+
+
+
+
+exit 0
+
+
+
@@ -0,0 +1 @@
+# App in this dir will be integrated to host os. Will create symbol link when installing
@@ -0,0 +1,7 @@
+#!/bin/bash
+if [ "$UID" != "0" ];then
+pkexec $0
+exit
+fi
+
+apm-debug amber-pm-dstore-patch
@@ -0,0 +1,133 @@
+#!/bin/bash
+
+if [ "$(id -u)" != "0" ]; then
+    echo "当前用户不是 root 用户，退出"
+    exit
+fi
+if [ "$PACKAGE_NAME" = "" ];then
+curdir=`realpath $0`
+parent_dir=`dirname $curdir`
+pparent_dir=`dirname $parent_dir`
+ppparent_dir=`dirname $pparent_dir`
+PKGNAME=`basename $ppparent_dir`
+else
+
+PKGNAME=$PACKAGE_NAME
+fi
+chrootEnvPath=/var/lib/apm/$PKGNAME/files/ace-env
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
+#if [ ! -e $chrootEnvPath ];then
+echo "Uncompress the env...."
+tar  -xvf $chrootEnvPath.tar.xz -C /var/lib/apm/$PKGNAME/files/
+#fi
+
+HERE="$(dirname $(realpath $0))"
+
+function get_current_user() {
+    # 优先通过 who 命令获取用户
+    local user
+    user=$(who | awk '{print $1}' | head -n 1 2>/dev/null)
+
+    # 如果 who 无输出，则通过 loginctl 获取
+    if [[ -z "$user" ]]; then
+        user=$(loginctl list-sessions --no-legend 2>/dev/null | awk '{print $3}' | head -n 1)
+    fi
+
+    # 返回最终结果（可能为空）
+    echo "${user}"
+}
+non_root_user=$(get_current_user)
+uid=$(id -u $non_root_user)
+
+function bookworm-run(){
+bwrap --dev-bind $chrootEnvPath/ / \
+  --setenv PULSE_SERVER /run/user/$uid/pulse/native \
+  --setenv PATH "$APM_CONTAINER_PATH" \
+  --setenv IS_ACE_ENV "1" \
+  --dev-bind-try /media /media \
+  --dev-bind-try /tmp /tmp \
+  --dev /dev  \
+  --dev-bind-try /dev/dri /dev/dri  \
+  --proc /proc  \
+  --dev-bind / /host \
+  --dev-bind /sys /sys  \
+  --dev-bind /run /run  \
+  --dev-bind-try /run/user/$uid/pulse /run/user/$uid/pulse  \
+  --bind-try /usr/share/themes /usr/local/share/themes  \
+  --bind-try /usr/share/icons /usr/local/share/icons  \
+  --bind-try /usr/share/fonts /usr/local/share/fonts  \
+  --hostname Amber-PM \
+  --unshare-uts \
+  --dev-bind-try /etc/resolv.conf /etc/resolv.conf \
+  --dev-bind-try /home /home \
+  $@
+
+
+}
+
+echo "Update the flamescion container tools"
+cp -r `dirname $chrootEnvPath`/amber-ce-tools/  $chrootEnvPath
+
+
+export container_user_gid="$(sudo -u $non_root_user id -rg)"
+export container_user_home="/home/${non_root_user}"
+export container_user_name="${non_root_user}"
+export container_user_uid="$(sudo -u $non_root_user id -ru)"
+
+
+
+
+#####init
+
+
+bookworm-run bash /amber-ce-tools/container-init/init.sh
+rm $chrootEnvPath/etc/localtime
+cp $(realpath /etc/localtime) $chrootEnvPath/etc/localtime
+chmod 777 $chrootEnvPath/etc/localtime 
+bookworm-run cp /host/etc/locale.gen /etc/locale.gen && locale-gen
+bookworm-run touch /finish.flag
+bookworm-run apt clean
+bookworm-run chown -R $(get_current_user)  /usr/lib/locale/
+sudo -u $(get_current_user) bwrap --dev-bind $chrootEnvPath/ / \
+  --setenv PULSE_SERVER /run/user/$uid/pulse/native \
+  --setenv PATH "$APM_CONTAINER_PATH" \
+  --setenv IS_ACE_ENV "1" \
+  --dev-bind $chrootEnvPath/ / \
+  --dev-bind-try /media /media \
+  --dev-bind-try /tmp /tmp \
+  --dev /dev  \
+  --dev-bind-try /dev/dri /dev/dri  \
+  --proc /proc  \
+  --dev-bind /sys /sys  \
+  --dev-bind /run /run  \
+  --dev-bind-try /run/user/$uid/pulse /run/user/$uid/pulse  \
+  --dev-bind / /host \
+  --bind-try /usr/share/themes /usr/local/share/themes  \
+  --bind-try /usr/share/icons /usr/local/share/icons  \
+  --bind-try /usr/share/fonts /usr/local/share/fonts  \
+  --dev-bind-try /etc/resolv.conf /etc/resolv.conf \
+  --dev-bind-try /home /home \
+  locale-gen
+bookworm-run update-locale LANG=$LANG
+chown -R root $chrootEnvPath
+mkdir -p $chrootEnvPath/amber-ce-tools/data-dir
+ln -sv ../../usr/share/applications $chrootEnvPath/amber-ce-tools/data-dir/
+ln -sv ../../usr/share/icons $chrootEnvPath/amber-ce-tools/data-dir/
+mkdir -p $chrootEnvPath/usr/share/templates  
+ln -sfv ../../usr/share/templates/   $chrootEnvPath/amber-ce-tools/data-dir/
+mkdir -p $chrootEnvPath/usr/share/mime
+ln -sfv ../../usr/share/mime/   $chrootEnvPath/amber-ce-tools/data-dir/
+mkdir -p $chrootEnvPath/usr/share/pixmaps
+ln -sfv ../../usr/share/pixmaps/   $chrootEnvPath/amber-ce-tools/data-dir/
+
+chmod 777 -R $chrootEnvPath/usr/share/icons
+rm -vfr $chrootEnvPath/dev/*
+true
@@ -0,0 +1,160 @@
+#!/bin/bash
+### 这个工具是用来启动apm内置ACE环境的，不是用来打开应用的
+bash(){
+/usr/bin/bash --rcfile <(cat ~/.bashrc; echo "PS1=\"\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@Amber-PM \[\e[36;40m\]\w\[\e[0m\]]\\\$ \"") $@
+}
+export -f bash
+
+curdir=`realpath $0`
+parent_dir=`dirname $curdir`
+pparent_dir=`dirname $parent_dir`
+ppparent_dir=`dirname $pparent_dir`
+PKGNAME=`basename $ppparent_dir`
+export ACE_PACKAGE_NAME=$PKGNAME
+
+chrootEnvPath=/var/lib/apm/$PKGNAME/files/ace-env
+
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
+# if [ ! -e $chrootEnvPath/finish.flag ];then
+
+# if [ "$(id -u)" = "0" ]; then
+#     `dirname $chrootEnvPath`/bin/ace-init
+# else
+# pkexec `dirname $chrootEnvPath`/bin/ace-init
+# fi
+# Ubuntu 26.04 中断了我们配置容器
+#fi
+non_root_user=$(who  | awk '{print $1}' | head -n 1)
+uid=$(id -u $non_root_user)
+
+
+#### This part is for args pharm
+if [ "$1" = "" ];then
+container_command="bash"
+else
+container_command="$1"
+shift
+for arg in "$@"; do
+        arg="$(echo "${arg}x" | sed 's|'\''|'\'\\\\\'\''|g')"
+        arg="${arg%x}"
+        container_command="${container_command} '${arg}'"
+done
+fi
+#########################################################################################
+##########合成bwrap 1. 基础函数配置段
+# 初始化 EXEC_COMMAND 为 bwrap 基础指令
+EXEC_COMMAND="bwrap --dev-bind / /"
+
+# add_command 函数定义
+function add_command() {
+    # 参数拼接，考虑到转义和空格的处理
+    for arg in "$@"; do
+        EXEC_COMMAND="${EXEC_COMMAND} ${arg}"
+    done
+}
+
+function add_env_var() {
+    local var_name="${1}"
+    local var_value="${2}"
+    if [ "$var_value" != "" ]; then    
+	add_command "--setenv $var_name $var_value"
+	
+    fi
+}
+##########合成bwrap 2. 特殊需求函数配置段
+function cursor_theme_dir_integration() {
+
+local directory=""
+if [ "$(id -u)" = "0" ]; then #####We don't want bother root to install themes,but will try to fix the unwriteable issue
+	mkdir -p $chrootEnvPath/usr/share/icons
+	chmod 777 -R $chrootEnvPath/usr/share/icons
+	return
+fi
+
+for directory in "/usr/share/icons"/*; do
+    # 检查是否为目录
+    if [ -d "$directory" ]; then
+        # 检查目录中是否存在 cursors 文件
+        if [ -d "$directory/cursors" ]; then
+        	if [ -w $chrootEnvPath/usr/share/icons ];then
+			add_command "--ro-bind-try $directory $directory"
+		fi
+        fi
+    fi
+done
+
+
+
+
+
+
+
+}
+##########合成bwrap 3. 环境变量和目录绑定配置段
+# 添加环境变量和其他初始设置
+ENV_VARS=(
+    "FAKEROOTDONTTRYCHOWN 1"
+    "PULSE_SERVER /run/user/\$uid/pulse/native"
+    "PATH $APM_CONTAINER_PATH"
+    "IS_ACE_ENV 1"
+    "IS_APM_ENV 1"
+    "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS"
+)
+
+BIND_DIRS=(
+    "--dev-bind $chrootEnvPath/ /"
+    "--dev-bind-try /media /media"
+    "--dev-bind-try /mnt /mnt"
+    "--dev-bind-try /tmp /tmp"
+    "--dev-bind-try /data /data"
+    "--dev-bind-try /dev /dev"
+    "--proc /proc"
+    "--dev-bind /sys /sys"
+    "--dev-bind /run /run"
+    "--dev-bind-try /run/user/\$uid/pulse /run/user/\$uid/pulse"
+    "--dev-bind / /host"
+    "--dev-bind-try /etc/resolv.conf /etc/resolv.conf"
+    "--dev-bind-try /home /home"
+)
+EXTRA_ARGS=(
+#    "--cap-add CAP_SYS_ADMIN"
+)
+
+EXTRA_SCRIPTS=(
+#    cursor_theme_dir_integration
+)
+
+##########合成bwrap 4. 合成并执行指令
+# 逐一添加到 EXEC_COMMAND
+for var in "${ENV_VARS[@]}"; do
+    add_env_var $var
+done
+
+for var in "${BIND_DIRS[@]}"; do
+    add_command "$var"
+done
+
+for var in "${EXTRA_ARGS[@]}"; do
+    add_command "$var"
+done
+
+for var in "${EXTRA_SCRIPTS[@]}"; do
+    $var
+done
+
+# 添加最终的 bash 命令
+add_command "bash -c \"${container_command}\""
+
+# 输出完整的 EXEC_COMMAND 以查看
+# echo "${EXEC_COMMAND}"
+
+# 注意: 实际执行时，请确保所有变量（如 $uid, $chrootEnvPath 等）都已正确定义
+eval ${EXEC_COMMAND}
@@ -0,0 +1,104 @@
+#!/bin/bash
+
+# 日志函数
+log.warn() { echo -e "[\e[33mWARN\e[0m]:  \e[1m$*\e[0m"; }
+log.error()  { echo -e "[\e[31mERROR\e[0m]: \e[1m$*\e[0m"; }
+log.info() { echo -e "[\e[96mINFO\e[0m]:  \e[1m$*\e[0m"; }
+log.debug()  { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
+
+if [ "$UID" != "0" ];then
+    log.error "需要以root权限运行 Need to be run as root."
+    exit 1
+fi
+
+# 1. 获取宿主机 NVIDIA 驱动版本
+nvidia_version=$(cat /sys/module/nvidia/version 2>/dev/null)
+if [ -z "$nvidia_version" ]; then
+    #log.error "无法获取 NVIDIA 驱动版本 Can not determine NVIDIA Driver version"
+    exit 
+fi
+
+# 2. 目标目录准备
+ACE_DIR="$1"
+if [[ ! -e "${ACE_DIR}" ]];then
+    log.error "未检测到 ace-env 安装，请安装后再试 ace-env is not detected. Please try again after installation"
+    exit 1
+fi
+
+# 3. 检查容器内驱动版本是否与宿主机一致
+version_file="$ACE_DIR/amber-ce-tools/nvidia_current_version"
+if [ -f "$version_file" ] && [ "$(cat "$version_file")" = "$nvidia_version" ]; then
+#    log.info "容器内 NVIDIA 驱动版本 ($nvidia_version) 与宿主机一致，无需重新链接"
+#    log.info "Driver version in container matches host version, no need to relink"
+    exit 0
+fi
+
+mkdir -p "$ACE_DIR/usr/lib" "$ACE_DIR/usr/lib32"
+
+log.info "正在链接 NVIDIA 驱动库 Linking NVIDIA Driver Libs"
+
+# 4. 收集库文件路径
+lib_list=$(ldconfig -p | grep -Ei "nvidia|libcuda|libvdpau_nvidia|libnvcuvid|libnvencode|libnvidia-encode" | cut -d'>' -f2)
+
+# 5. 复制库文件
+copied=0
+has_32bit=false
+has_64bit=false
+has_glx=false
+
+for lib in $lib_list; do
+    resolved=$(readlink -f "$lib") # 解析符号链接
+    filename=$(basename "$lib")
+    if file "$resolved" | grep -q "32-bit"; then
+        ln -sf "/host/$resolved" "$ACE_DIR/usr/lib32/$filename"
+        has_32bit=true
+        log.debug "创建32位链接: $ACE_DIR/usr/lib32/$filename -> /host/$resolved"
+    else
+        ln -sf "/host/$resolved" "$ACE_DIR/usr/lib/$filename"
+        has_64bit=true
+        copied=1
+        log.debug "创建64位链接: $ACE_DIR/usr/lib/$filename -> /host/$resolved"
+    fi
+    
+    # 检查是否是GLX库
+    if [[ "$filename" == libGLX_nvidia.so.* ]]; then
+        has_glx=true
+    fi
+done
+
+# 6. 复制辅助文件
+additional_files=(
+    /usr/share/vulkan/icd.d/nvidia_icd.json
+    /usr/share/vulkan/icd.d/nvidia_icd.x86_64.json
+    /usr/share/vulkan/icd.d/nvidia_icd.aarch64.json
+    /usr/share/vulkan/implicit_layer.d/nvidia_layers.json
+    /usr/share/egl/egl_external_platform.d/10_nvidia_wayland.json
+    /usr/share/egl/egl_external_platform.d/15_nvidia_gbm.json
+    /usr/share/egl/egl_external_platform.d/20_nvidia_xcb.json
+    /usr/share/glvnd/egl_vendor.d/10_nvidia.json
+)
+for file in "${additional_files[@]}"; do
+    if [ -f "$file" ]; then
+        resolved=$(readlink -f "$file")
+        dir=$(dirname "$file")
+        mkdir -p "$ACE_DIR/$dir"
+        ln -sf "/host/$resolved" "$ACE_DIR/$dir/$(basename "$file")"
+        log.debug "复制配置文件: $ACE_DIR/$dir/$(basename "$file") -> /host/$resolved"
+    fi
+done
+
+# 7. 生成 ld.so.conf
+echo "/usr/lib" > "$ACE_DIR/etc/ld.so.conf"
+if [ "$has_32bit" = true ]; then
+    echo "/usr/lib32" >> "$ACE_DIR/etc/ld.so.conf"
+fi
+
+# 8. 标记版本
+if [ $copied -eq 1 ]; then
+    echo "$nvidia_version" > "$ACE_DIR/amber-ce-tools/nvidia_current_version"
+    log.info "NVIDIA 驱动库已成功链接 Nvidia Driver Libs are successfully linked."
+    log.info "驱动版本: $nvidia_version"
+    log.info "64位库: $has_64bit, 32位库: $has_32bit, GLX支持: $has_glx"
+else
+    log.error "未找到有效 NVIDIA 库文件 No valid NVIDIA Driver Libs found."
+fi
@@ -0,0 +1,60 @@
+#!/bin/bash
+set -e
+if [ `which debootstrap` = "" ];then
+echo "Need to install debootstrap!"
+exit
+fi
+
+if [ `which systemd-nspawn` = "" ];then
+echo "Need to install systemd-container!"
+exit
+fi
+if [ "$2" = "" ];then
+echo "Usage: $0 ARCHITECTURE CODENAME"
+exit
+fi
+
+sudo cp  /usr/share/debootstrap/scripts/sid /usr/share/debootstrap/scripts/crimson -v
+sudo cp  /usr/share/debootstrap/scripts/sid /usr/share/debootstrap/scripts/beige -v
+
+CODENAME=$2
+
+# Set distroname and components based on codename
+if [ "$CODENAME" = "beige" ] || [ "$CODENAME" = "crimson" ]; then
+    DISTRONAME="deepin/beige"
+    COMPONENTS="main,community,commercial"
+    GPG_CHECK="--no-check-gpg"
+else
+    DISTRONAME="debian"
+    COMPONENTS="main,contrib,non-free,non-free-firmware"
+    GPG_CHECK=""
+fi
+
+if [ "$1" = "amd64" ] || [ "$1" = "x86_64" ];then
+ARCH="amd64"
+ARCH_ANOTHERWAY="x64"
+cd "`dirname $0`"
+sudo debootstrap $GPG_CHECK --components=$COMPONENTS --include=libnotify-bin,apt-utils,bash-completion,bc,curl,dialog,diffutils,findutils,less,libnss-myhostname,libvte-common,lsof,ncurses-base,passwd,pinentry-curses,procps,sudo,time,util-linux,wget,libegl1,libvulkan1,mesa-vulkan-drivers,locales,libglib2.0-bin --arch=${ARCH} $2 ./ace-env https://mirrors.cernet.edu.cn/${DISTRONAME}/
+
+elif [ "$1" = "arm64" ] || [ "$1" = "arm" ]|| [ "$1" = "aarch64" ];then
+ARCH="arm64"
+ARCH_ANOTHERWAY="arm64"
+cd "`dirname $0`"
+sudo debootstrap $GPG_CHECK --components=$COMPONENTS --include=libnotify-bin,apt-utils,bash-completion,bc,curl,dialog,diffutils,findutils,less,libnss-myhostname,libvte-common,lsof,ncurses-base,passwd,pinentry-curses,procps,sudo,time,util-linux,wget,libegl1,libvulkan1,mesa-vulkan-drivers,locales,libglib2.0-bin --arch=${ARCH} $2 ./ace-env https://mirrors.cernet.edu.cn/${DISTRONAME}/
+
+elif [ "$1" = "loong64" ] || [ "$1" = "loongarch64" ];then
+    if [ "$CODENAME" = "beige" ] || [ "$CODENAME" = "crimson" ]; then
+        ARCH="loong64"
+        ARCH_ANOTHERWAY="loongarch64"
+        cd "`dirname $0`"
+        sudo debootstrap $GPG_CHECK --components=$COMPONENTS --include=libnotify-bin,apt-utils,bash-completion,bc,curl,dialog,diffutils,findutils,less,libnss-myhostname,libvte-common,lsof,ncurses-base,passwd,pinentry-curses,procps,sudo,time,util-linux,wget,libegl1,libvulkan1,mesa-vulkan-drivers,locales,libglib2.0-bin --arch=${ARCH} $2 ./ace-env https://mirrors.cernet.edu.cn/${DISTRONAME}/
+    else
+        echo "LoongArch64 is only supported on Deepin (beige/crimson)"
+        exit 1
+    fi
+fi
+
+sudo rm -rf ace-env/var/cache/apt/archives/*.deb
+sudo rm -vfr ace-env/dev/*
+sudo tar -I 'xz -T0' -cvf ace-env.tar.xz ace-env/*
+sudo rm -rf ace-env
@@ -0,0 +1,69 @@
+#!/bin/bash
+
+# 提取配置信息
+VERSION_FEEDBACK=@VERSION@-apm
+UUID=$(cat /etc/machine-id 2>/dev/null || echo "unknown")
+
+
+# 获取系统信息 - 不依赖 lsb_release
+if [ -f /etc/os-release ]; then
+    # 现代 Linux 系统使用 /etc/os-release
+    source /etc/os-release
+    DISTRIBUTOR_ID="$NAME"
+    RELEASE="$VERSION_ID"
+elif [ -f /etc/redhat-release ]; then
+    # RedHat/CentOS 系统
+    DISTRIBUTOR_ID=$(cat /etc/redhat-release | awk '{print $1}')
+    RELEASE=$(cat /etc/redhat-release | sed -n 's/.*release \([0-9][0-9.]*\).*/\1/p')
+elif [ -f /etc/debian_version ]; then
+    # Debian 系统
+    DISTRIBUTOR_ID="Debian"
+    RELEASE=$(cat /etc/debian_version)
+else
+    # 其他系统
+    DISTRIBUTOR_ID="Unknown"
+    RELEASE="Unknown"
+fi
+
+ARCHITECTURE=$(uname -m)
+
+# 构建当前时间
+CURRENT_TIME=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+
+# 构建 JSON 数据
+JSON_DATA=$(cat <<EOF
+{
+  "Distributor ID": "$DISTRIBUTOR_ID",
+  "Release": "$RELEASE",
+  "Architecture": "$ARCHITECTURE",
+  "Store_Version": "$VERSION_FEEDBACK",
+  "UUID": "$UUID",
+  "TIME": "$CURRENT_TIME"
+}
+EOF
+)
+
+#echo "Spark Store Feedback"
+# 调试输出 JSON 数据
+#echo "发送的 JSON 数据："
+#echo "$JSON_DATA" | jq .
+
+# 目标 URL
+URL="https://status.deepinos.org.cn/upload"
+
+# 使用 curl 发送 POST 请求
+RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" -X POST -H "Content-Type: application/json" -d "$JSON_DATA" "$URL")
+
+# 检查 HTTP 响应码
+if [ "$RESPONSE" -eq 200 ]; then
+    #echo "上传成功"
+    true
+elif [ "$RESPONSE" -eq 400 ]; then
+    echo "错误：客户端请求错误，请检查 JSON 数据或接口逻辑"
+elif [ "$RESPONSE" -eq 422 ]; then
+    echo "错误：请求数据无效，请检查 JSON 字段值"
+elif [ "$RESPONSE" -eq 500 ]; then
+    echo "错误：服务器内部错误，请联系服务器管理员"
+else
+    echo "错误：未处理的响应码 $RESPONSE"
+fi
@@ -0,0 +1,46 @@
+# Tips 
+
+1. apm run 会优先尝试独立环境内启动，失败后会在主机环境尝试启动
+
+2. apm 添加了一个钩子（debian only)，在安装到 /var/lib/apm 下的应用存在ace-env时，进行configure nvidia操作；若存在entries,则进行链接到/usr/share/applications操作
+
+3. apm 内置 rootfs的修改如下
+
+
+* 安装xz-utils
+* 安装 bash-completion
+* 安装 ca-certificates
+* 使用支持apm源的aptss，使用独立的sources.list.d,删除原有的源
+* 安装一个空的apm包，用于填充依赖，附带 amber-pm-dstore-patch
+* 删除/var/lib/dpkg的 status status-old available cmethopt diversions diversions-old 
+
+
+4. 打包 apm 包时需要注意的
+
+* 对应的desktop的 Exec 和 Tryexec 均需要加入 `apm run 包名` 前缀（未完成自动化）
+* 完成释放后应删除tar.xz(未完成）
+
+5. apm todo（未完成）
+
+
+
+
+
+
+* apm版融合商店
+* 类似 Wine 运行器的方式全图形化傻瓜式打包
+* 自动融合 APM 应用到系统主机，并实现右键卸载
+
+
+---
+
+已完成
+
+* apm 自动刷新 apm 仓库
+* 完善 amber-pm-common 以快速创建rootfs(生成所有 locales )
+* 添加 gxde fixer 确保在GXDE下可以正常展示应用（即进行一次host integration类操作)
+* 完成amd64软件源配置
+* 修改aptss以兼容APM源加速
+* apm环境变量添加 IS_APM_ENV=1 GTK_USE_PORTAL=1
+* 重要：如何在APM内更新内容——如何覆盖？
+* deb全自动转apm
				`@@ -0,0 +1 @@`
				`# File in this dir will be seen as one of XDG_DATA_DIRS in ACE container.`
				`@@ -0,0 +1 @@`
				`../../var/lib/apm/apm/files/bin/amber-ce-configure-nvidia`
				`@@ -0,0 +1 @@`
				`# App in this dir will be integrated to host os. Will create symbol link when installing`